Re: postfix/mailman delivery
Ok, thanks. So, once the message leaves the postfix queue, mailman takes over delivery. I can focus on why mailman is being finicky. On May 13, 2013 4:49 PM, "Wietse Venema" wrote: > Christopher Adams: > > Thank you for your reply. I am really stymied as to what is going on. > Yes, > > the message is being delivered to the mailman 'post test7' command, but > > then takes many hours to actually post. > > When Postfix logs status=sent, the mailman process has taken > responsibility for further processing, and Postfix removes > the message from its queue. > > If nothing happens then you need to examine the mailman setup > first. > > Wietse >
Re:
Thank you for your reply. I am really stymied as to what is going on. Yes, the message is being delivered to the mailman 'post test7' command, but then takes many hours to actually post. Can someone clarify what is actually happening in the following line. I read that it means the message is removed from the postfix queue, but then where is it being held for all that time. I find no other messages in the log file until it eventually is delivered. May 13 16:21:21 swiki postfix/qmgr[29404]: 09DA619984F7: removed May 13 16:21:21 swiki postfix/smtpd[3507]: 09DA619984F7: client= remote.mailserver.com[xxx.xxx.xxx.xx] May 13 16:21:21 swiki postfix/cleanup[3509]: 09DA619984F7: message-id=<0b03fe68e0e760478d413f045b39a02838032...@oslexchange.ddd.d.dd.dd.local > May 13 16:21:21 swiki postfix/qmgr[29404]: 09DA619984F7: from=, size=4105, nrcpt=1 (queue active) May 13 16:21:21 swiki postfix/local[3510]: 09DA619984F7: to=, relay=local, delay=0.17, delays=0.02/0.01/0/0.15, dsn=2.0.0, status=sent (delivered to command: /usr/local/mailman/mail/mailman post test7) May 13 16:21:21 swiki postfix/qmgr[29404]: 09DA619984F7: removed On Thu, May 9, 2013 at 3:03 PM, Noel Jones wrote: > On 5/9/2013 3:53 PM, Christopher Adams wrote: > > hello, > > > > I am having problems with getting mail delivered through our Mailman > > mailing list server. Things were working fine until late yesterday. > > I include a log from a posting below. The message is sent to the > > alias, then is removed from the queue. It is never delivered to the > > person behind the alias. > > > > May 9 12:57:49 swiki postfix/smtpd[26679]: E774019985DC: > > client=nm2-vm0.bullet.mail.bf1.yahoo.com > > <http://nm2-vm0.bullet.mail.bf1.yahoo.com>[98.139.213.127] > > May 9 12:57:50 swiki postfix/cleanup[26968]: E774019985DC: > > message-id=<1368129468.24511.yahoomail...@web164901.mail.bf1.yahoo.com > > <mailto:1368129468.24511.yahoomail...@web164901.mail.bf1.yahoo.com>> > > May 9 12:57:50 swiki postfix/qmgr[23217]: E774019985DC: > > from=mailto:m...@yahoo.com>>, size=3404, nrcpt=1 (queue > > active) > > May 9 12:57:50 swiki postfix/local[27542]: E774019985DC: > > to=, relay=local, delay=0.9, > > delays=0.74/0/0/0.16, dsn=2.0.0, status=sent (delivered to command: > > /usr/local/mailman/mail/mailman owner test7) > > > Postfix delivered the mail to the command shown above. Assuming > this is the correct command, this doesn't look like a postfix problem. > > > > > -- Noel Jones > > > > May 9 12:57:50 swiki postfix/qmgr[23217]: E774019985DC: removed > > > > > > As is requested in the postfix-users document, I am includeing a > > postfinger output. > > > > Many thanks. > > > > > > > > > > --System Parameters-- > > mail_version = 2.5.1 > > hostname = dummyhost.domain.com <http://dummyhost.domain.com> > > uname = Linux dummyhost.domain.com <http://dummyhost.domain.com> > > 2.6.18-194.3.1.el5 #1 SMP Thu May 13 13:08:30 EDT 2010 x86_64 x86_64 > > x86_64 GNU/Linux > > > > --Packaging information-- > > looks like this postfix comes from RPM package: postfix-2.5.1-1.rhel5 > > > > --main.cf <http://main.cf> non-default parameters-- > > alias_database = hash:/etc/postfix/aliases > > alias_maps = hash:/etc/postfix/aliases, hash:/usr/local/mailman/data/ > > aliases > > disable_vrfy_command = yes > > mailq_path = /usr/bin/mailq.postfix > > mail_spool_directory = /var/spool/mail > > manpage_directory = /usr/share/man > > message_size_limit = 10145728 > > mydestination = dummyhost.domain.com > > <http://dummyhost.domain.com>,$myhostname, localhost.$mydomain, > > localhost.localdomain, listsmart.$mydomain, swiki.$mydomain > > mynetworks = DDD.DDD.DDD.0/24, 127.0.0.0/8 <http://127.0.0.0/8> > > readme_directory = /usr/share/doc/postfix-2.0.16/README_FILES > > recipient_delimiter = + > > sample_directory = /usr/share/doc/postfix-2.0.16/samples > > sendmail_path = /usr/sbin/sendmail.postfix > > smtpd_helo_required = yes > > smtpd_helo_restrictions = permit_mynetworks, > > reject_non_fqdn_hostname, reject_invalid_hostname,permit > > smtpd_recipient_restrictions = reject_unauth_pipelining, > > reject_non_fqdn_recipient, reject_unknown_recipient_domain > > permit_mynetworks, permit_sasl_authenticated, > > reject_unauth_destination, reject_rbl_client bl.spamcop.net > > <http://bl.spamcop.net>, reject_rbl_client cbl.abuseat.org > > <http://cbl.abuseat.org>, reject_rbl_client zen.spamhaus.org > &g
[no subject]
hello, I am having problems with getting mail delivered through our Mailman mailing list server. Things were working fine until late yesterday. I include a log from a posting below. The message is sent to the alias, then is removed from the queue. It is never delivered to the person behind the alias. May 9 12:57:49 swiki postfix/smtpd[26679]: E774019985DC: client= nm2-vm0.bullet.mail.bf1.yahoo.com[98.139.213.127] May 9 12:57:50 swiki postfix/cleanup[26968]: E774019985DC: message-id=< 1368129468.24511.yahoomail...@web164901.mail.bf1.yahoo.com> May 9 12:57:50 swiki postfix/qmgr[23217]: E774019985DC: from=, size=3404, nrcpt=1 (queue active) May 9 12:57:50 swiki postfix/local[27542]: E774019985DC: to=, relay=local, delay=0.9, delays=0.74/0/0/0.16, dsn=2.0.0, status=sent (delivered to command: /usr/local/mailman/mail/mailman owner test7) May 9 12:57:50 swiki postfix/qmgr[23217]: E774019985DC: removed As is requested in the postfix-users document, I am includeing a postfinger output. Many thanks. --System Parameters-- mail_version = 2.5.1 hostname = dummyhost.domain.com uname = Linux dummyhost.domain.com 2.6.18-194.3.1.el5 #1 SMP Thu May 13 13:08:30 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux --Packaging information-- looks like this postfix comes from RPM package: postfix-2.5.1-1.rhel5 --main.cf non-default parameters-- alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases, hash:/usr/local/mailman/data/ aliases disable_vrfy_command = yes mailq_path = /usr/bin/mailq.postfix mail_spool_directory = /var/spool/mail manpage_directory = /usr/share/man message_size_limit = 10145728 mydestination = dummyhost.domain.com,$myhostname, localhost.$mydomain, localhost.localdomain, listsmart.$mydomain, swiki.$mydomain mynetworks = DDD.DDD.DDD.0/24, 127.0.0.0/8 readme_directory = /usr/share/doc/postfix-2.0.16/README_FILES recipient_delimiter = + sample_directory = /usr/share/doc/postfix-2.0.16/samples sendmail_path = /usr/sbin/sendmail.postfix smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks,reject_non_fqdn_hostname, reject_invalid_hostname,permit smtpd_recipient_restrictions = reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client zen.spamhaus.org, reject_rbl_client b.barracudacentral.org, reject_invalid_hostname,reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_unknown_sender_domain, permit smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit unknown_local_recipient_reject_code = 450 --master.cf-- smtp inet n - n - - smtpd pickupfifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr tlsmgrunix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounceunix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verifyunix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o smtp_fallback_relay= showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scacheunix - - n - 1 scache -- end of postfinger output -- -- Christopher Adams adam...@gmail.com
Re: using smtpd_sender_restrictions to block mail from a domain
On Mon, Aug 8, 2011 at 8:54 PM, /dev/rob0 wrote: > On Mon, Aug 08, 2011 at 04:46:13PM -0700, Christopher Adams wrote: > [snip] >> readme_directory = /usr/share/doc/postfix-2.0.16/README_FILES > > If this is really 2.0.16, you should consider upgrading! Postfix 2.4 > has been EOL'ed as of March. 2.8 is current as of January. I am running 2.5.1 > >> 3) Logs >> >> This is a mailman subscribe.log that shows a subscription being >> approved by a mail administrator >> >> Aug 08 09:24:50 2011 (21056) lhdaccreditation: new >> albina.rit...@apotmail.com, via admin approval > > That's tangential to the Postfix issue, but since it really appears > to be a Mailman issue, you need to look at why your list manager is > approving subscribers that you do not want to have on the list! List managers choose to approve whoever they want. They are ignorant. > >> This is from the maillog that shows the message for the pending >> subscription request being sent back to the sender. >> >> Aug 8 09:24:52 swiki postfix/smtp[20686]: 2B075199855F: >> to=, > > The "to=" is the recipient address. Sounds like Mailman was the > sender. Your check_sender_access solution was looking at the sender > address, not the recipient address. Interestingly, the maillog has no entries with 'From: *.apotmail.com'. I would have sent that if I found it. How is that possible? > > The proper solution to this problem would be in Mailman list owner > configuration, ban_list : > http://list.org/mailman-admin/node21.html > >> relay=mail.apotmail.com[209.190.19.68]:25, delay=0.9, >> delays=0.01/0/0.75/0.14, dsn=2.0.0, status=sent (250 OK >> id=1QqTB1-0005jv-1K) > > I'm sure your check_sender_access is working fine; if for example > this new subscriber tried to post to the list, that mail would be > rejected. > > You could, but probably should not, place check_recipient_access > lookups in front of Mailman's submission. Ask the Mailman folks; I > don't think Mailman will be very happy with that. It is relatively easy to address it from a Mailman perspective. I have a script that can create a ban of any domain on all lists. However, I thought that I could just use Postfix to ban any mail from that domain entering the system. > Please review Ansgar's instructions: > >> > To show evidence. Please post >> > >> > a) output of "postconf -n" >> > b) output of "postmap -q apotmail.org hash:/etc/postfix/sender_access" >> > c) a log excerpt demonstrating the issue (from submission to delivery of >> > the mail in question) > > The single smtp(8) log line you shared does not include the sender > address, so it was not adequate. I'm just guessing based on other > information you provided. You should show the ENTIRE non-verbose > logging of a message from when it enters Postfix until final > disposition thereof. > -- > Offlist mail to this address is discarded unless > "/dev/rob0" or "not-spam" is in Subject: header > I am still interested in knowing how to do this in Postfix, thought my problem is temporarily solved. I can run a cron for the script to update new lists. Thanks, everyone, for your input. -- Christopher Adams adam...@gmail.com
Re: using smtpd_sender_restrictions to block mail from a domain
On Mon, Aug 8, 2011 at 4:13 PM, Ansgar Wiechers wrote: > On 2011-08-08 Christopher Adams wrote: >> I have attempted to block a domain from sending through my mail >> system. The result of my efforts is that this domain can still send >> mail. Here is what I have done. >> >> Created a sender_access file in /etc/postfix. The content: >> >> zeusmail.org REJECT >> apotmail.org REJECT >> >> postmap /etc/postfix/sender_access >> >> I added this to main.cf: >> smtpd_sender_restrictions = check_sender_access >> hash:/etc/postfix/sender_access >> >> I restarted Postfix. >> >> As I said above, mail from the apotmail.org domain continues to come >> through. What have I missed? > > To show evidence. Please post > > a) output of "postconf -n" > b) output of "postmap -q apotmail.org hash:/etc/postfix/sender_access" > c) a log excerpt demonstrating the issue (from submission to delivery of > the mail in question) > > Regards > Ansgar Wiechers Thank you for your reply. The system that Postix is running on has a Mailman installation and the mail in question is related to mailing lists. 1) postconf -n alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases, hash:/usr/local/mailman/data/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 default_privs = nobody default_verp_delimiters = += header_checks = regexp:/etc/postfix/header_checks html_directory = no mail_owner = postfix mail_spool_directory = /var/spool/mail mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 10145728 mime_header_checks = regexp:/etc/postfix/mime_header_checks mydestination = $myhostname, localhost.$mydomain, localhost.localdomain, listsmart.$mydomain, swiki.$mydomain mydomain = osl.state.or.us mynetworks = 159.121.122.0/24, 127.0.0.0/8, 159.121.109.0/24 mynetworks_style = subnet newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.0.16/README_FILES recipient_delimiter = + sample_directory = /usr/share/doc/postfix-2.0.16/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_helo_required = yes smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination check_client_access hash:/etc/postfix/client_whitelist reject_rbl_client bl.spamcop.net reject_rbl_client cbl.abuseat.org reject_invalid_hostname reject_non_fqdn_hostname reject_non_fqdn_sender reject_non_fqdn_recipient reject_unknown_sender_domain reject_unknown_recipient_domain permit smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access unknown_local_recipient_reject_code = 450 2) /usr/sbin/postmap -q apotmail.com hash:/etc/postfix/sender_access (I had mistyped in my initial posting. It is apotmail.com, not .org) REJECT 3) Logs This is a mailman subscribe.log that shows a subscription being approved by a mail administrator Aug 08 09:24:50 2011 (21056) lhdaccreditation: new albina.rit...@apotmail.com, via admin approval This is from the maillog that shows the message for the pending subscription request being sent back to the sender. Aug 8 09:24:52 swiki postfix/smtp[20686]: 2B075199855F: to=, relay=mail.apotmail.com[209.190.19.68]:25, delay=0.9, delays=0.01/0/0.75/0.14, dsn=2.0.0, status=sent (250 OK id=1QqTB1-0005jv-1K) Thank you, Christopher Adams adam...@gmail.com
using smtpd_sender_restrictions to block mail from a domain
Hello all, I have attempted to block a domain from sending through my mail system. The result of my efforts is that this domain can still send mail. Here is what I have done. Created a sender_access file in /etc/postfix. The content: zeusmail.org REJECT apotmail.org REJECT postmap /etc/postfix/sender_access I added this to main.cf: smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access I restarted Postfix. As I said above, mail from the apotmail.org domain continues to come through. What have I missed? -- Christopher Adams adam...@gmail.com
Re: Relaying mail from outside through Postfix to Exchange
On Wed, May 4, 2011 at 1:01 PM, Jeroen Geilman wrote: > On 05/04/2011 09:36 PM, Christopher Adams wrote: >> >> Hello, >> >> I am attempting to get Postfix working as a relay to an Exchange 2010 >> server in the same subnet. The incoming mail may originate from the >> same subnet, but it all goes through a central server that is outside >> the subnet. I am doing this for troubleshooting connections between >> the central server and the Exchange server, so it is only temporary. >> >> The outside server would route mail through the server running >> Postfix, which would then relay to the Exchange server. >> >> To get the results that I want, without planning for a permanent setup >> to relay to Exchange, what Postfix configuration parameters do I need >> to set? >> >> These are the parameters that I am guessing have to be tinkered with >> and I have added some values, but am unsure about if I need to do >> anything with the others. Since I don't want mail to be delivered >> locally on the Postfix server, I am assuming that mydestination should >> be empty? >> > > When doing this sort of man-in-the-middle magic you need to consider all > worst-case scenarios. > These definitely include exchange being down and your postfix box queueing > the external mail. > Have you considered what should happen in that case ? > >> relay_domains = $mydestination, ip.of.outside.mailserver > > ...no, relay_domains contains the domains you wish to relay mail FOR. > In this case, the domains configured on the Exchange server and coming in > via the external MTA. > >> mydestination = (empty) > > You want mydestination set to the resolvable name of this postfix server, > or, at a minimum, to "localhost". > > If you set it explicitly to empty then no mail can ever be delivered locally > - including system mail to root or postmaster. > >> myorigin > > Is not directly involved in your setup, and defaults to $myhostname (which > should be fine). > >> relayhost = [exchange.server.ip] > > Note that this will send ALL mail to Exchange, not just the mail you receive > from the external MTA. > >> Thanks for getting me started in the right direction. > > Please start here, and work your way up: > > http://www.postfix.org/BASIC_CONFIGURATION_README.html > > > > -- > J. > > Hello all, I have tinkered with getting Postfix to relay mail from an external (to the Exchange subnet) server to an Exchange 2010 server. I have not done any real tests yet, as this mail is all our organization mail and I want to get it right. Also, this is a temporary setup to try to troubleshoot some issues between the external server and Exchange. I have included the current output from postconf -n below. FYI - the external mail server(s) are in the subnet 159.121.109.0/24, the Exchange server accepts mail at 159.121.122.30 and 159.121.122.44, and the Postfix server is 159.121.122.15/hpl.osl.state.or.us. I set up a transport_map with the two ips for the Exchange server like this. Not sure if that is correct, but then I have questions about much of this. I would appreciate helpful comments that could get me further along. Thanks. Transport: oslmail.osl.state.or.us relay:[159.121.122.30] oslexchange.osl.state.or.us.local relay:[159.121.122.44] postconf -n output: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 5 debug_peer_list = hpl.osl.state.or.us default_privs = nobody html_directory = no inet_interfaces = $myhostname, localhost mail_owner = postfix mail_spool_directory = /var/spool/mail mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 1000 mydestination = $myhostname, localhost.$mydomain, localhost, hpl.$mydomain mydomain = osl.state.or.us myhostname = hpl.osl.state.or.us mynetworks = 159.121.122.0/24, 127.0.0.0/8, 159.121.109.41, 159.121.109.42, 159.121.109.43, 159.121.109.44, 159.121.105.151 newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES relay_domains = $mydestination, 159.121.122.30, 159.121.122.44, 159.121.109.41, 159.121.109.42, 150.121.109.43, 159.121.109.44, 159.121.105.151 relayhost = sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks,check_relay_domains smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanonymous transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 -- Christopher Adams adam...@gmail.com
Re: Relaying mail from outside through Postfix to Exchange
Thank you all for your most helpful tips. I will spend some time with this information and see what I come On Wed, May 4, 2011 at 1:01 PM, Jeroen Geilman wrote: > On 05/04/2011 09:36 PM, Christopher Adams wrote: >> >> Hello, >> >> I am attempting to get Postfix working as a relay to an Exchange 2010 >> server in the same subnet. The incoming mail may originate from the >> same subnet, but it all goes through a central server that is outside >> the subnet. I am doing this for troubleshooting connections between >> the central server and the Exchange server, so it is only temporary. >> >> The outside server would route mail through the server running >> Postfix, which would then relay to the Exchange server. >> >> To get the results that I want, without planning for a permanent setup >> to relay to Exchange, what Postfix configuration parameters do I need >> to set? >> >> These are the parameters that I am guessing have to be tinkered with >> and I have added some values, but am unsure about if I need to do >> anything with the others. Since I don't want mail to be delivered >> locally on the Postfix server, I am assuming that mydestination should >> be empty? >> > > When doing this sort of man-in-the-middle magic you need to consider all > worst-case scenarios. > These definitely include exchange being down and your postfix box queueing > the external mail. > Have you considered what should happen in that case ? > >> relay_domains = $mydestination, ip.of.outside.mailserver > > ...no, relay_domains contains the domains you wish to relay mail FOR. > In this case, the domains configured on the Exchange server and coming in > via the external MTA. > >> mydestination = (empty) > > You want mydestination set to the resolvable name of this postfix server, > or, at a minimum, to "localhost". > > If you set it explicitly to empty then no mail can ever be delivered locally > - including system mail to root or postmaster. > >> myorigin > > Is not directly involved in your setup, and defaults to $myhostname (which > should be fine). > >> relayhost = [exchange.server.ip] > > Note that this will send ALL mail to Exchange, not just the mail you receive > from the external MTA. > >> Thanks for getting me started in the right direction. > > Please start here, and work your way up: > > http://www.postfix.org/BASIC_CONFIGURATION_README.html > > > > -- > J. > >
Relaying mail from outside through Postfix to Exchange
Hello, I am attempting to get Postfix working as a relay to an Exchange 2010 server in the same subnet. The incoming mail may originate from the same subnet, but it all goes through a central server that is outside the subnet. I am doing this for troubleshooting connections between the central server and the Exchange server, so it is only temporary. The outside server would route mail through the server running Postfix, which would then relay to the Exchange server. To get the results that I want, without planning for a permanent setup to relay to Exchange, what Postfix configuration parameters do I need to set? These are the parameters that I am guessing have to be tinkered with and I have added some values, but am unsure about if I need to do anything with the others. Since I don't want mail to be delivered locally on the Postfix server, I am assuming that mydestination should be empty? mynetworks relay_domains = $mydestination, ip.of.outside.mailserver mydestination = (empty) myorigin relayhost = [exchange.server.ip] Thanks for getting me started in the right direction. -- Christopher Adams adam...@gmail.com
Re: getting Postfix 2.8.2 on CentOS 5.5 to send and receive
Thanks for your reply. I figured out that there is a perimeter firewall, in addition to the iptables local firewall, so I have created a bypass rule for mail incoming and outgoing. Now, I have mail coming in. Actually, I am trying to set this up as a temporary relay for testing problems with an Exchange server. I will start a new thread dealing with that. Thanks again. On Wed, May 4, 2011 at 10:16 AM, Noel Jones wrote: > On 5/4/2011 11:10 AM, Christopher Adams wrote: >> >> Running mailq says that the queue is empty. >> >> Here is the output from master.cf >> >> smtp inet n - n - - smtpd -v > > Don't top post. Put your answers in-line, or at the end. > > Remove the -v from the above. Verbose logging is seldom necessary, and can > hide problems in a flood of unrelated information. > > Ok, so what's the problem? Show evidence. > > > > -- Noel Jones > -- Christopher Adams adam...@gmail.com
Re: getting Postfix 2.8.2 on CentOS 5.5 to send and receive
Running mailq says that the queue is empty.
Here is the output from master.cf
smtp inet n - n - - smtpd -v
pickupfifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgrunix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounceunix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verifyunix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scacheunix - - n - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m
${extension} ${user}
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmailunix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
retry unix - - n - - error
proxywrite unix - - n - 1 proxymap
On Wed, May 4, 2011 at 8:28 AM, Noel Jones wrote:
> On 5/4/2011 10:20 AM, Christopher Adams wrote:
>>
>> Okay, I remembered wrong about postconf. Here is posconf -n:
>>
>> alias_database = hash:/etc/aliases
>> alias_maps = hash:/etc/aliases
>> command_directory = /usr/sbin
>> config_directory = /etc/postfix
>> daemon_directory = /usr/libexec/postfix
>> data_directory = /var/lib/postfix
>> debug_peer_level = 5
>> debug_peer_list = hpl.osl.state.or.us
>> default_privs = nobody
>> html_directory = no
>> mail_owner = postfix
>> mail_spool_directory = /var/spool/mail
>> mailq_path = /usr/bin/mailq.postfix
>> manpage_directory = /usr/share/man
>> message_size_limit = 400
>> mydestination = $myhostname, localhost.$mydomain, localhost, hpl.$mydomain
>> mydomain = osl.state.or.us
>> myhostname = hpl.osl.state.or.us
>> mynetworks_style = subnet
>> newaliases_path = /usr/bin/newaliases.postfix
>> queue_directory = /var/spool/postfix
>> readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
>> sample_directory = /usr/share/doc/postfix-2.3.3/samples
>> sendmail_path = /usr/sbin/sendmail.postfix
>> setgid_group = postdrop
>> unknown_local_recipient_reject_code = 550
>>
>
> Please don't top post.
>
> Show postfix logging of the problem, and "mailq" output.
> Please also show non-comment lines of master.cf. The output of this should
> do that.
> grep -v '^#' master.cf
>
>
>
--
Christopher Adams
adam...@gmail.com
Re: getting Postfix 2.8.2 on CentOS 5.5 to send and receive
Okay, I remembered wrong about postconf. Here is posconf -n: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 5 debug_peer_list = hpl.osl.state.or.us default_privs = nobody html_directory = no mail_owner = postfix mail_spool_directory = /var/spool/mail mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 400 mydestination = $myhostname, localhost.$mydomain, localhost, hpl.$mydomain mydomain = osl.state.or.us myhostname = hpl.osl.state.or.us mynetworks_style = subnet newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop unknown_local_recipient_reject_code = 550 On Wed, May 4, 2011 at 5:57 AM, Noel Jones wrote: > On 5/4/2011 1:50 AM, Christopher Adams wrote: >> >> I have checked some of the troubleshooting tips mentioned in the docs >> and see that the accepted protocol is to generate data from postconf >> -d. > > This is wrong. We don't care about "postconf -d", but we are very interested > in "postconf -n" output. > > Where did you find this incorrect information? The source needs to be > corrected. > > http://www.postfix.org/postconf.1.html > postconf -d = compiled-in defaults. We know what these are. > postconf -n = your settings. > >> I will do that if needed, but I just wanted to check to see what >> steps I should take next. > > Please see: > http://www.postfix.org/DEBUG_README.html#mail > > > -- Noel Jones > -- Christopher Adams adam...@gmail.com
getting Postfix 2.8.2 on CentOS 5.5 to send and receive
Hello all, I had Postfix 2.3 installed on CentOS 5.5. I had Postfix running, but wasn't able to send mail through it. I recompiled and upgraded to 2.8.2. I have verified that Postfix is running, port 25 is open, and I have net connectivity. However, I can't send mail. root 4551 0.0 0.2 54172 2272 ?Ss 22:59 0:00 /usr/libexec/postfix/master postfix 5699 0.0 0.2 54248 2224 ?S23:39 0:00 pickup -l -t fifo -u postfix 5804 0.0 0.2 55208 2272 ?S23:43 0:00 qmgr -l -t fifo -u The maillog shows just this, from the startup: May 3 23:38:58 localhost postfix/postfix-script[5667]: refreshing the Postfix mail system May 3 23:38:58 localhost postfix/master[4551]: reload -- version 2.8.2, configuration /etc/postfix I have checked some of the troubleshooting tips mentioned in the docs and see that the accepted protocol is to generate data from postconf -d. I will do that if needed, but I just wanted to check to see what steps I should take next. Thank you. -- Christopher Adams adam...@gmail.com
Re: question about mynetworks and reject_rbl_client directives
Noel, Thanks so much. Your directions are very easy to follow. It is good to know that mynetworks is truly reserved for *My* Networks. Christopher Adams On Wed, Oct 27, 2010 at 12:52 PM, Noel Jones wrote: > On 10/27/2010 1:41 PM, Christopher Adams wrote: >> >> Would I just add the IP(s) of the >> domain that I want to accept to mynetworks, make sure that happens > > No, only networks under your control should be added to mynetworks. > > For outsiders that may be on RBLs, you need to maintain a separate > whitelist. > > >> smtpd_recipient_restrictions = >> permit_sasl_authenticated, >> permit_mynetworks, >> reject_unauth_destination, > > --> check_client_access hash:/etc/postfix/client_whitelist > >> reject_rbl_client bl.spamcop.net, >> reject_rbl_client dnsbl.sorbs.net, >> reject_rbl_client cbl.abuseat.org, >> reject_invalid_hostname, >> reject_non_fqdn_hostname, >> reject_non_fqdn_sender, >> reject_non_fqdn_recipient, >> reject_unknown_sender_domain, >> reject_unknown_recipient_domain, >> permit >> > > > # client_whitelist > # use the IP number, not the name. > 1.1.1.1 permit_auth_destination > > > Be sure to run "postmap client_whitelist" after editing the whitelist, and > run "postfix reload" after editing main.cf. > > > > -- Noel Jones > -- Christopher Adams adam...@gmail.com
question about mynetworks and reject_rbl_client directives
Hello all, I am a bit confused about setting restrictions on which domains can send through my server. I am utilizing some reject_rbl_client directives to check mail with free spam repositories. One of the valid domains sending to this server was blacklisted by one of the repositories. I would like to know how to override this so that blacklisting doesn't happen to this domain again, while still using this spam filtering. For mynetworks, I have: mynetworks_style = subnet I also have mynetworks = my.local.subnet, 127.0.0.0/8 I know that this latter directive overrides mynetworks_style, so they essentially do the same thing. Would I just add the IP(s) of the domain that I want to accept to mynetworks, make sure that happens before the reject_rbl_client directives and call it good. I think that is what I should be doing, but just want to verify. Is the point to doing this to allow those IPs regardless of any other restrictions that come later. All others would be considered "strangers" and vulnerable to other directives. smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit -- Christopher Adams adam...@gmail.com
Re: error sending/receiving mail
Thanks so much for your reply. Yes, as the error message said, the configuration was incorrect. I had not tinkered with the main.cf file for some time, so overlooked this. I have made the correction and things are working fine. On Mon, Sep 13, 2010 at 1:47 PM, Ralf Hildebrandt wrote: > * Christopher Adams : >> Hello all, >> >> I have a server with Postfix and it is not processing mail. I have set >> up some aliases in /etc/postfix/aliases and after updating them, I run >> postalias /etc/postfix/aliases. When I send to any of the aliases, >> here is the message I get back: >> >> Out: 220 huck.plinkit.org ESMTP Postfix >> In: EHLO mail4.state.or.us >> Out: 250-huck.plinkit.org >> Out: 250-PIPELINING >> Out: 250-SIZE 1024 >> Out: 250-VRFY >> Out: 250-ETRN >> Out: 250 8BITMIME >> In: MAIL From: SIZE=4091 >> Out: 250 Ok >> In: RCPT To: >> Out: 451 Server configuration error > > Examine the servers log, look for > > egrep "(error|fatal):" /var/log/mail.log > >> Here is an entry from the maillog file: > If it was related to the error above, it would provide a clue. But > it isn't. > >> Following is output from postconf -n > AH! > >> smtpd_recipient_restrictions = permit_sasl_authenticated, >> permit_mynetworks, reject_unauth_destination, reject_rbl_client >> bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client >> cbl.abuseat.org, reject_rbl_client ix.dnsbl.manitu.net, >> reject_invalid_ reject_non_fqdn_ reject_non_fqdn_sender, > > Garbage! > >> unknown_local_recipient_reject_code = 450 > > 550, not 450 > > > -- > Ralf Hildebrandt > Geschäftsbereich IT | Abteilung Netzwerk > Charité - Universitätsmedizin Berlin > Campus Benjamin Franklin > Hindenburgdamm 30 | D-12203 Berlin > Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 > ralf.hildebra...@charite.de | http://www.charite.de > > -- Christopher Adams adam...@gmail.com
error sending/receiving mail
Hello all, I have a server with Postfix and it is not processing mail. I have set up some aliases in /etc/postfix/aliases and after updating them, I run postalias /etc/postfix/aliases. When I send to any of the aliases, here is the message I get back: Out: 220 huck.plinkit.org ESMTP Postfix In: EHLO mail4.state.or.us Out: 250-huck.plinkit.org Out: 250-PIPELINING Out: 250-SIZE 1024 Out: 250-VRFY Out: 250-ETRN Out: 250 8BITMIME In: MAIL From: SIZE=4091 Out: 250 Ok In: RCPT To: Out: 451 Server configuration error In: DATA Out: 554 Error: no valid recipients In: RSET Out: 250 Ok In: QUIT Out: 221 Bye Here is an entry from the maillog file: Sep 13 13:41:52 huck postfix/smtp[29817]: 20BABA0401B: to=, orig_to=, relay=smtp2.state.or.us[159.121.105.151], delay=0, status=sent (250 2.0.0 o8DKfqP4030019 Message accepted for delivery) The smpt2 server is a central mail hub. It appears that mail sent through my mail server is reaching the central mail hub, but when processed, is sending back the error message. Following is output from postconf -n alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 default_privs = nobody header_checks = regexp:/etc/postfix/header_checks html_directory = no mail_owner = postfix mail_spool_directory = /var/spool/mail mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mime_header_checks = regexp:/etc/postfix/body_checks mydestination = $mydomain,$myhostname,localhost,localhost.$localhost.localdomain mydomain = plinkit.org myhostname = huck.plinkit.org mynetworks = 159.121.122.0/24, 127.0.0.0/8 mynetworks_style = subnet myorigin = $mydomain newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES recipient_delimiter = + relay_domains = $mydestination sample_directory = /usr/share/doc/postfix-2.2.10/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client ix.dnsbl.manitu.net, reject_invalid_ reject_non_fqdn_ reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 450 Help with this is most appreciated. Thank you. -- Christopher Adams adam...@gmail.com
question about Postfix and DNS (maybe not for this list)
Hello all, I am having a bit of a problem and I am not sure that it is specifically Postfix-related, but I'll give it a shot. Feel free to flog me or tell me to go away. I am running Postfix 2.3 on a CentOS Linux server. I noticed on our firewall that there were constant connections from the machine running Postfix to addresses all over the world. The interesting thing is that the connection is using OpenDNS [208.67.216.132], a public DNS server. I do not use OpenDNS in my /etc/resolv.conf file (I have 2 other nameservers listed) and I don't know where it is coming from. Here is an example: Aug 11 16:01:25 swiki postfix/smtp[7832]: E38F8DB4CCB: to=, relay=none, delay=30, delays=0/0/30/0, dsn=4.4.1, status=deferred (connect to sx.cn[208.67.216.132]: Connection timed out) If this is the appropriate place to post this question, can someone who knows more than me analyze this and come up with a theory as to what is going on? Thanks for any help you might want to provide.
problem sending outside of local machine
.ad...@state.or.us>, relay=smtp1.state.or.us[DDD.DDD.DDD.DDD]:25, delay=0.49, delays=0.05/0/0.02/0.41, dsn=2.0.0, status=sent (250 2.0.0 o6UHSiB2029783 Message accepted for delivery) Jul 30 10:28:44 localhost postfix/qmgr[18363]: 3842C1998043: removed -- Christopher Adams adam...@gmail.com
Re: header_checks problem
After previously posting a thread about header_checks, someone suggested using check_sender_access, I tried it and posted a follow up and was admonished for changing direction. I specifically asked how to proceed and was told to go back to my original thread, which was header_checks. Message header: I used the Full Header command in Pine About the postconf -n, I had that line commented out from a previous test. Here it is now: alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases, hash:/usr/local/mailman/data/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 default_privs = nobody default_verp_delimiters = += header_checks = regexp:/etc/postfix/header_checks html_directory = no mail_owner = postfix mail_spool_directory = /var/spool/mail mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 2097152 mydestination = $myhostname, localhost.$mydomain, localhost.localdomain, listsmart.$mydomain, swiki.$mydomain myhostname = listsmart.osl.state.or.us mynetworks = 159.121.122.0/24, 127.0.0.0/8 mynetworks_style = subnet newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.0.16/README_FILES recipient_delimiter = + sample_directory = /usr/share/doc/postfix-2.0.16/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks,reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client ix.dnsbl.manitu.net, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_blacklist transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 450 I don't understand what you mean by this: > From: testm...@library.state.or.us There's no " " behind "testm...@library.state.or.us" On Mon, Jan 4, 2010 at 12:00 PM, Ralf Hildebrandt < ralf.hildebra...@charite.de> wrote: > * Christopher Adams : > > Hello, > > > > I previously posted this thread, but changed midstream and was given > > guidance as to the proper way to post. So, I am starting again. > > > > Summary: I would like to ban an address/domain from posting to my system. > I > > am using header_checks to do that. > > Why? Wouldn't check_sender_access be more appropriate? > > > /^From: testm...@library.state.or.us / REJECT > > > > Log from maillog on swiki.osl.state.or.us: > > > > Jan 4 11:36:13 swiki postfix/qmgr[19204]: EB79ADB4B6E: from=< > > testm...@library.state.or.us>, size=791, nrcpt=1 (queue active) > > That's the envelope, not the header > > > From: testm...@library.state.or.us > There's no " " behind "testm...@library.state.or.us" > > > > Output of postconf -n : > it lists no header_checks > > > Can someone help with this? Thank you. > > -- > Ralf Hildebrandt > Geschäftsbereich IT | Abteilung Netzwerk > Charité - Universitätsmedizin Berlin > Campus Benjamin Franklin > Hindenburgdamm 30 | D-12203 Berlin > Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 > ralf.hildebra...@charite.de | http://www.charite.de > > -- Christopher Adams adam...@gmail.com
header_checks problem
Hello, I previously posted this thread, but changed midstream and was given guidance as to the proper way to post. So, I am starting again. Summary: I would like to ban an address/domain from posting to my system. I am using header_checks to do that. After creating a header_checks file and modifying main.cf to indicate the use of a header_checks file, a message sent to the server is passed through. I am posting from testm...@library.state.or.us to testm...@swiki.osl.state.or.us. Here is the line from the header_checks file: /^From: testm...@library.state.or.us / REJECT Log from maillog on swiki.osl.state.or.us: Jan 4 11:36:13 swiki postfix/qmgr[19204]: EB79ADB4B6E: from=< testm...@library.state.or.us>, size=791, nrcpt=1 (queue active) Jan 4 11:36:13 swiki postfix/local[19921]: EB79ADB4B6E: to=< testm...@swiki.osl.state.or.us>, relay=local, delay=0.01, delays=0/0.01/0/0, dsn=2.0.0, status=sent (delivered to mailbox) Header of mail received at testm...@library.state.or.us: Return-Path: X-Original-To: testm...@swiki.osl.state.or.us Delivered-To: testm...@swiki.osl.state.or.us Received: from library.state.or.us (www.osl.state.or.us [159.121.122.8]) by listsmart.osl.state.or.us (Postfix) with ESMTP id EB79ADB4B6E for ; Mon, 4 Jan 2010 11:36:13 -0800 (PST) Received: by library.state.or.us (Postfix, from userid 552) id 6993B233FC; Mon, 4 Jan 2010 11:39:52 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by library.state.or.us (Postfix) with ESMTP id 68F7F32E64 for ; Mon, 4 Jan 2010 11:39:52 -0800 (PST) Date: Mon, 4 Jan 2010 11:39:52 -0800 (PST) From: testm...@library.state.or.us To: testm...@swiki.osl.state.or.us Subject: testing Message-ID: MIME-Version: 1.0 Output of postconf -n : alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases, hash:/usr/local/mailman/data/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 default_privs = nobody default_verp_delimiters = += html_directory = no mail_owner = postfix mail_spool_directory = /var/spool/mail mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 2097152 mydestination = $myhostname, localhost.$mydomain, localhost.localdomain, listsmart.$mydomain, swiki.$mydomain myhostname = listsmart.osl.state.or.us mynetworks = 159.121.122.0/24, 127.0.0.0/8 mynetworks_style = subnet newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.0.16/README_FILES recipient_delimiter = + sample_directory = /usr/share/doc/postfix-2.0.16/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks,reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client ix.dnsbl.manitu.net, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_blacklist transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 450 Can someone help with this? Thank you.
Re: header_checks not working correctly
Okay, it is obvious that my approach to getting assistance is all wrong. True, I did not understand the posting protocol, mainly because I don't post often to this list. Yes, I did begin the posting with the subject of header_checks. Some kind fellow gave me some assistance and I attempted to try that solution, as it seemed a better way to approach it. Rather than talking about how counterproductive it seems for everyone to jump on me for making innocent errors in my posting, what exactly would be helpful in this case? Should I post a new thread with the information about using a hash map for smptd_sender_restrictions instead of using header_checks? Please enlighten me. Thanks for your assistance. On Mon, Dec 7, 2009 at 9:37 PM, Sahil Tandon wrote: > On Mon, 07 Dec 2009, Christopher Adams wrote: > > > Okay, no more ignorant posts. I will give you all that I have based on > the > > protocol as spelled out. > > > > 1. Summary of the problem: attempting to ban an email address using a > hash > > map does not work. The message is delivered anyway. > > Sorry, this is a bad summary. You began this thread asking about header > checks -- stick to that, unless you are not trying to block a particular > From: header after all. > > > 2. Error messages: none > > Mostly irrelevant. > > > 3. Logging: Maillog shows that the message was delivered. > > SHOW this *and* the message headers of the mail that was delivered. > > > 4. Output from postconf - n: > > I did not see your header_checks directive. > > -- > Sahil Tandon > -- Christopher Adams adam...@gmail.com
Re: header_checks not working correctly
Okay, no more ignorant posts. I will give you all that I have based on the protocol as spelled out. 1. Summary of the problem: attempting to ban an email address using a hash map does not work. The message is delivered anyway. 2. Error messages: none 3. Logging: Maillog shows that the message was delivered. 4. Output from postconf - n: alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases, hash:/usr/local/mailman/data/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 default_privs = nobody default_verp_delimiters = += html_directory = no mail_owner = postfix mail_spool_directory = /var/spool/mail mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 2097152 mydestination = $myhostname, localhost.$mydomain, localhost.localdomain, listsmart.$mydomain, swiki.$mydomain myhostname = listsmart.osl.state.or.us mynetworks = 159.121.122.0/24, 127.0.0.0/8 mynetworks_style = subnet newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.0.16/README_FILES recipient_delimiter = + sample_directory = /usr/share/doc/postfix-2.0.16/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks,reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client ix.dnsbl.manitu.net, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_blacklist transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 450 5. Output from postfinger: link in DEBUG document doesn't allow me accss. So, there you have it. Thanks to anyone who is interested in assisting. On Mon, Dec 7, 2009 at 5:42 PM, Wietse Venema wrote: > Christopher Adams: > > Thank you for your helpful reply. > > > > So, now I have this in main.cf: > > > > smtpd_sender_restrictions = > >check_sender_access hash:/etc/postfix/sender_blacklist > > > > I have a file sender_blacklist: > > > > m...@somplace.org/ REJECT > > > > I issued the command 'postmap hash:/etc/postfix/sender_blacklist' > > > > I issued the command: 'postfix reload' > > > > If I send from the address m...@somplace.org, it is not rejected. > > > > Now is a good time to stop posting fragments, and follow > the instructions in the mailing list welcome message. > >Wietse > > TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail > > TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html > > Thank you for using Postfix. > -- Christopher Adams adam...@gmail.com
Re: header_checks not working correctly
Thank you for your helpful reply. So, now I have this in main.cf: smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_blacklist I have a file sender_blacklist: m...@somplace.org/ REJECT I issued the command 'postmap hash:/etc/postfix/sender_blacklist' I issued the command: 'postfix reload' If I send from the address m...@somplace.org, it is not rejected. On Mon, Dec 7, 2009 at 4:47 PM, Ansgar Wiechers wrote: > On 2009-12-07 Christopher Adams wrote: > > I am trying to ban an address from sending through my system. > > > > I have this in main.cf: > > > > header_checks = regexp:/etc/postfix/header_checks > > > > In the header_checks file, I have this: > > > > /^From: .*someplace.org/ DISCARD > > > > I did a 'postfix reload' > > > > Messages from someplace.org are still being delivered. What have I > > missed? > > man 5 header_checks > > | Message headers added by the cleanup(8) daemon itself are excluded > | from inspection. Examples of such message headers are From:, To:, > | Message-ID:, Date:. > > Why don't you use an access map for this? > > # in main.cf: > smtpd_sender_restrictions = > ... > check_sender_access hash:/etc/postfix/sender_blacklist, > ... > > # in sender_blacklist: > somplace.org DISCARD > > Don't forget to postmap sender_blacklist, and perhaps consider REJECTing > instead of DISCARDing. > > Regards > Ansgar Wiechers > -- > "Abstractions save us time working, but they don't save us time learning." > --Joel Spolsky > -- Christopher Adams adam...@gmail.com
header_checks not working correctly
I am trying to ban an address from sending through my system. I have this in main.cf: header_checks = regexp:/etc/postfix/header_checks In the header_checks file, I have this: /^From: .*someplace.org/ DISCARD I did a 'postfix reload' Messages from someplace.org are still being delivered. What have I missed? -- Christopher Adams adam...@gmail.com
Re: question about logging of blocks resulting from message_size_limit
Thank you for your reply. I did find the bounce that indicates that the limit had been exceeded. I thought that the logs might also reflect that it had been blocked. Another question - can the message that the sender receives be modified? On Wed, Sep 2, 2009 at 1:17 PM, Victor Duchovni wrote: > On Wed, Sep 02, 2009 at 01:04:30PM -0700, Christopher Adams wrote: > >> I have modified the message_size_limit in main.cf and restarted >> postfix. If I send messages under the size specified, they are >> delivered normally. If the message is over the limit, the message is >> not delivered, but there is no entry in the /var/log/maillog that >> shows that it was blocked. > > Messages over the size limit are not typically blocked. Rather the > sending system sees the size limit and does even send the message, > returning a bounce to the sender instead. > > -- > Viktor. > > Disclaimer: off-list followups get on-list replies or get ignored. > Please do not ignore the "Reply-To" header. > > To unsubscribe from the postfix-users list, visit > http://www.postfix.org/lists.html or click the link below: > <mailto:majord...@postfix.org?body=unsubscribe%20postfix-users> > > If my response solves your problem, the best way to thank me is to not > send an "it worked, thanks" follow-up. If you must respond, please put > "It worked, thanks" in the "Subject" so I can delete these quickly. > -- Christopher Adams adam...@gmail.com
question about logging of blocks resulting from message_size_limit
I have modified the message_size_limit in main.cf and restarted postfix. If I send messages under the size specified, they are delivered normally. If the message is over the limit, the message is not delivered, but there is no entry in the /var/log/maillog that shows that it was blocked. What am I missing or is this normal behavior. Also, is there a way to send something back to the sender to indicate that the message was too big? -- Christopher Adams adam...@gmail.com
another "mail forwarding loop" question
Can someone clue me in as to what might be causing this? A person sent a message to a mailing list named Xlist. There is nothing nonstandard about Postfix, no Virtual Hosts. I need to know where the fault lies. I call my server '[EMAIL PROTECTED]'. I have a general idea of what a mail forwarding loop is, but I just need to be clear with the customer about it. This is what the sender received back: Diagnostic information for administrators: Generating server: myserver.domain.com [EMAIL PROTECTED] #< #5.4.6 X-Postfix; mail forwarding loop for [EMAIL PROTECTED]> #SMTP# Original message headers: Received: from mailgwisb01.mail.la.gov (mailgwisb01.mail.la.gov [204.196.242.62]) by myserver.domain.com (Postfix) with ESMTP id CBCC5364037 for <[EMAIL PROTECTED]>; Wed, 13 Aug 2008 12:53:45 -0700 (PDT) X-IronPort-AV: E=Sophos;i="4.32,203,1217826000"; d="scan'208,217";a="7100986" Received: from mailfe03.mail.la.gov ([10.4.10.64]) by mailgwisb01.mail.la.gov with ESMTP; 13 Aug 2008 14:58:55 -0500 Received: from mailht01.MAIL.LA.GOV ([10.4.10.65]) by MAILFE03.MAIL.LA.GOV with Microsoft SMTPSVC(6.0.3790.3959); Wed, 13 Aug 2008 14:58:55 -0500 Received: from mailht03.MAIL.LA.GOV (10.4.10.67) by mailht01.mail.la.gov (10.4.10.65) with Microsoft SMTP Server (TLS) id 8.1.291.1; Wed, 13 Aug 2008 14:58:55 -0500 Received: from MAILMBX02.MAIL.LA.GOV ([10.4.10.105]) by mailht03.MAIL.LA.GOV ([10.4.10.67]) with mapi; Wed, 13 Aug 2008 14:58:54 -0500 From: John Smith To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> Date: Wed, 13 Aug 2008 14:58:38 -0500 Subject: FW: change in Listserv email address Thread-Topic: change in Listserv email address Thread-Index: Acj9VlgkrTPJ6IlMQy2oGiYT/1KrwgAACBcA Message-ID: <[EMAIL PROTECTED]> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US x-originalarrivaltime: 13 Aug 2008 15:09:34.0657 (UTC) FILETIME=[98704B10:01C8FD56] x-ironport-av: E=Sophos;i="4.32,201,1217826000"; d="scan'208,217";a="6997685" delivered-to: [EMAIL PROTECTED] x-original-to: [EMAIL PROTECTED] Content-Type: multipart/alternative; boundary="_000_4EDB8E2A7232FA43B495A019D02B505A364C5CB304MAILMBX02MAIL_" MIME-Version: 1.0 -- Christopher Adams [EMAIL PROTECTED]
