Re: from: rhd...@gmail.com
rhdyes, Your account has been comprmised. Change your password ASAP. TO all others, do not click that link. On Mon, Aug 25, 2014 at 1:36 PM, rhd...@gmail.com rhd...@gmail.com wrote: Hello postfix http://mijnmoestetuin.nl/method.php?bawba3101vucrdq rhd...@gmail.com
Re: test only. do not read.
Crud. I read it. Does that initiate armageddon? :) On Tue, Dec 11, 2012 at 8:21 AM, Bruno Costacurta tec...@costacurta.orgwrote: test only. -- Linux Counter # 353844 https://linuxcounter.net/user/**353844.htmlhttps://linuxcounter.net/user/353844.html
Re: need help for controlling authenticated realy
Enforce a better password policy - our work password policy is minimum 8 characters, and 3 out of the 4 of the following: Upper Case Lower case Number Special Character - any shift + top row number) - ie !@#$%^*( By this policy hellowhowareyou wouldn't work because it only has lower case letters. Neither would Hellowhoware you since it only has 2 of the 4. But Hellohowareyou4 would. Or IP based authentication maybe? On Sat, Apr 23, 2011 at 6:45 PM, Rajesh Kumar Mallah mallah.raj...@gmail.com wrote: Hi, We allow relaying of email via our server to our clients using authentication. The problem is that some miscreants have got hold of our clients password and are using our email server to send SPAM after successfully authenticating. Please tell how to control this situation. I was thinking in lines of enforcing policies on even authenticated smtp clients that are pumping SPAM . Eg restrict clients not to send more than 10 emails per minute , etc. Any help would be greatly appreciated. Regds Mallah.
Re: need help for controlling authenticated realy
On Sat, Apr 23, 2011 at 7:17 PM, Daniel Bromberg dan...@basezen.com wrote: Can you stop sending to postfix-us...@cloud9.net? It's messing up my filter and will probably mess up lots of other automated filters as well. Use postfix-users@postfix.org. Sorry - I did a reply all to the e-mail. You should be filtering on another header :) As far as controlling the situation you describe, I'm a bit mystified that common sense damage control techniques are not being used, such as immediately changing all passwords to something difficult and random, then notifying your clients that have a legitimate relationship with you. If legit clients get a failure they'll call/e-mail your help infrastructure. Also, is this a shared password for multiple clients? Definitely a big weakness if so. I'll let the OP answer that question :)
Re: windows avast - postfix 421 error
Have the users disable outbound e-mail scanning. I mean, if the file is on their hard drive, it's already been scanned for virii. To scan it again is silly. On 12/22/2010 12:04 PM, Joseph Conrad wrote: Sorry, I failed to put postconf -n output in my first post... Server: Centos-5.5 postfix-2.3.3-2.1.centos.mysql_pgsql See server log below. Client: MS Windows XP 2002 sp3 avast-5.0.545 behind a NAT router 66.6.120.250 with avast mail scanner on: C:\telnet smtp 25 421 Connection to host lost C:\ with avast mail scanner off I get the normal: C:\telnet smtp 25 Trying 66.36.120.9... Connected to smtp.rockymountains.net (66.36.120.9). Escape character is '^]'. 220 smtp.rockymountains.net ESMTP Postfix [smtp log]# tail -f maillog | grep 66.36.120.250 Dec 22 11:15:36 smtp postfix/smtpd[8084]: connect from mcw-office.rockymountains.net[66.36.120.250] Dec 22 11:15:36 smtp postfix/smtpd[8084]: match_hostaddr: 66.36.120.250 ~? 66.36.112.0/20 Dec 22 11:15:36 smtp postfix/smtpd[8084]: mcw-office.rockymountains.net[66.36.120.250]: 220 smtp.rockymountains.net ESMTP Postfix Dec 22 11:15:36 smtp postfix/smtpd[8084]: mcw-office.rockymountains.net[66.36.120.250]: EHLO Kitten Dec 22 11:15:36 smtp postfix/smtpd[8084]: mcw-office.rockymountains.net[66.36.120.250]: 250-smtp.rockymountains.net Dec 22 11:15:36 smtp postfix/smtpd[8084]: mcw-office.rockymountains.net[66.36.120.250]: 250-PIPELINING Dec 22 11:15:36 smtp postfix/smtpd[8084]: mcw-office.rockymountains.net[66.36.120.250]: 250-SIZE 1024 Dec 22 11:15:36 smtp postfix/smtpd[8084]: mcw-office.rockymountains.net[66.36.120.250]: 250-VRFY Dec 22 11:15:36 smtp postfix/smtpd[8084]: mcw-office.rockymountains.net[66.36.120.250]: 250-ETRN Dec 22 11:15:36 smtp postfix/smtpd[8084]: mcw-office.rockymountains.net[66.36.120.250]: 250-AUTH PLAIN Dec 22 11:15:36 smtp postfix/smtpd[8084]: match_list_match: 66.36.120.250: no match Dec 22 11:15:36 smtp postfix/smtpd[8084]: mcw-office.rockymountains.net[66.36.120.250]: 250-AUTH=PLAIN Dec 22 11:15:36 smtp postfix/smtpd[8084]: mcw-office.rockymountains.net[66.36.120.250]: 250-ENHANCEDSTATUSCODES Dec 22 11:15:36 smtp postfix/smtpd[8084]: mcw-office.rockymountains.net[66.36.120.250]: 250-8BITMIME Dec 22 11:15:36 smtp postfix/smtpd[8084]: mcw-office.rockymountains.net[66.36.120.250]: 250 DSN Dec 22 11:15:36 smtp postfix/smtpd[8084]: match_hostaddr: 66.36.120.250 ~? 66.36.112.0/20 Dec 22 11:15:36 smtp postfix/smtpd[8084]: lost connection after EHLO from mcw-office.rockymountains.net[66.36.120.250] Dec 22 11:15:36 smtp postfix/smtpd[8084]: disconnect from mcw-office.rockymountains.net[66.36.120.250] [smtp log]# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 debug_peer_list = 66.36.120.250, 66.36.120.1, 66.36.120.13 html_directory = no in_flow_delay = 1s inet_interfaces = localhost, 66.36.120.9, 66.36.120.12 mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost mynetworks = 66.36.112.0/20, 65.183.79.0/24, 127.0.0.0/8 newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = /var/spool/postfix/private/auth smtpd_sasl_type = dovecot unknown_local_recipient_reject_code = 550 virtual_alias_domains = hash:/etc/postfix/virtual_domain virtual_alias_maps = hash:/etc/postfix/virtual I didn't send the EHLO command or anything of the other commands, I only did the telnet smtp 25 command at the command prompt. Apparently avast sends those commands. I have used postfix for many years as the main server for a small town ISP (about 2000 email accounts) and had to replace an old server with this newer one. Many of my customers use avast/windows and can't send. Any ideas what avast does to trigger the (I assume) concurrency limit? Or better yet, what I can do to get it to stop? Maybe point me to a thread? My apologies in advance, if in my searches I somehow missed the thread that has already dealt with this. Joseph Conrad Mountain Computer Wizards, Inc. Buena Vista, Colorado
Re: windows avast - postfix 421 error
On 12/22/2010 12:50 PM, mouss wrote: The real role of the AV here is to block smtp except to the submission server. but that's only for residential users who don't have a firewall to do that. even for such users, a host firewall (Comodo is free) is a better tool at that. but not sure OP can ask his users to disable smtp scanning on their hosts. I'm confused here - the Avast is at the end users computer, right? Pretty simple. If the user enables Avast mail scanning, and mail can't be sent, then they disable Avast e-mail scanning and it works, tell the user to disable e-mail scanning. Back when I worked at an ISP, we must have told that to users a dozen times a week.
Re: amount of mail
On 05/30/2010 01:59 PM, Leonel Florin Selles wrote: can someone give me an example of how to restrict the amount of mail that a user could send. AFAIK you can't with Postfix directly. You'd need something like policyd http://www.policyd.org/tiki-index.php?page=ModuleFeatures
procmail hitting sometimes but not others?
I know it's overkill, but I run my own postfix (2.6.2) on my server at home. My domain, my mail. Just me. Just switched to IMAP, and figured I'd also like to sync filtering rules, so best way I could see was use procmail. So far, sometimes so good. But every once in a while, a message 'slips' past the procmail and into my mailbox. I've attached postconf -n below, and I've put the filter, header, and verbose procmail output at http://www.espphotography.com/proc.txt . Any obvious reason it isn't hitting? I could gather a few more times it's not hitting - it seems to be literally hit or miss. Same rule, sometimes it hits sometimes it doesn't. Thanks. :) Evan # postconf -n alias_maps = hash:/etc/postfix/aliases biff = no command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 header_checks = regexp:/etc/postfix/header_checks inet_interfaces = all mail_owner = postfix mailbox_command = /usr/bin/procmail mailbox_size_limit = 10 mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 10 mydomain = espphotography.com myhostname = espphotography.com mynetworks = 168.100.189.0/28, 127.0.0.0/8,192.168.1.0/28,206.176.229.254,216.200.134.0/24,192.168.1.0/24,99.11.230.251 mynetworks_style = subnet newaliases_path = /usr/bin/newaliases queue_directory = /private/var/spool/postfix readme_directory = /usr/share/doc/postfix relayhost = [smtp.comcast.net]:587 sample_directory = /usr/share/doc/postfix/examples sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtpd_client_event_limit_exceptions = static:everyone smtpd_sasl_path = smtpd smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access smtpd_tls_cert_file = /System/Library/OpenSSL/certs/smtpd.pem smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_use_tls = yes unknown_local_recipient_reject_code = 550
Re: Local Mails not working
On 12/11/2009 12:16 PM, Daniel V. Reinhardt wrote: Actually the tone in his email was very negative, condescending, and not very constructive. It contained an overtone of being hoiler then thou, and you are stupid I know it all approach. /dev/rob0, failed to address the user on a tech support level. The method and approach by which /dev/rob0 used would have gotten him fired in my place of work. I got this same level of abuse from the Apache list when I asked my question about disabling IPv6 in my apache build. The likelihood of me asking for help on that list is very slim. I expect a person in a position to provide technical support to come down to the level of the person asking for help, and not the other way around. All technical support people should know this, and not offer anymore then that. The overall tone in the email needs to be addressed, and the tone was very insulting. I side with Alexander here. This is a user to user mailing list. (Granted, there may be developers on here, but a good deal of help comes from users to users). So all this talk about The posters tone needs to be addressed and If the poster did this at my place of employment, he'd be fired. is sort of silly. Think of it as if you walked into your local bar and asked the people in the bar your question. You may not always get the right answer, and you may not like the way an answer is given. But are you then going to go up to the bartender and complain how someone answered? Probably not :)
Re: Strange fix? Can't send mail externally but can send locally using Outlook 2003
On Thu, 3 Dec 2009 08:34:14 -0800, you wrote: This is a multi-part message in MIME format. --=_NextPart_000_0042_01CA73F3.65840B00 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit SNIP Folks, We have a user who can't send mail externally but can send mail locally (to people within our domain) when using Outlook 2003. But with Thunderbird the user can send receive both externally internally from the same machine. Naturally if they use any other machine they can send/receive externally using Outlook 2003. So it's just this one machine and it's Outlook 2003 that has the issue. I know it must be a configuration issue but all the settings are correct. I have tried reinstalling Outllook 2003 even cleaning up the registry before re-install. I am pretty confident I haven't missed anything to check but you never know. Has anyone else ever come across a similar issue? I realise this isn't a PostFix issue, or at least I suspect it isn't, but you folks must deal with client side e-mail issues as well as mail server issues so thought I'd poll the list to get some input. I doubt there is anything unique about our set-up. We have a barracuda spam filter in place and mail clients are set to use port 587 to send mail using our mail server. Linux mail.xx.com 2.6.27.25-78.2.56.fc9.i686 #1 SMP Thu Jun 18 12:47:50 EDT 2009 i686 i686 i386 GNU/Linux Postfix is mail_version = 2.5.1 Again if this isn't something I should ask the list please let me know and accept my apologies for the oversight on my part. Please don't post in HTML. And without logs, or at the very least an error message, anything would be at best a guess. May want to ask in an Exchange group as yes, this has nothing to do with postfix.
Re: What Is Causing This Failure
On Tue, 1 Dec 2009 10:03:21 -0500, you wrote: I am getting a report from someone on my network that they are getting delivery failures when attempting to send an email from my Postfix server to the remote mail server. I see the message stuck on my Postfix servers queue: CB87E778055 1337 Mon Nov 30 08:59:15 tprem...@iamghost.com (connect to a.mx.premore.net[198.186.193.20]: No route to host) b...@premore.net I am guessing that this is a problem with the remote mail server 'a.mx.premore.net' since my server is sending and receiving email just fine to every other destination. I then decided to do a MX lookup for this domain premore.net see if there is anything wrong: ;; QUESTION SECTION: ;premore.net. IN MX ;; ANSWER SECTION: premore.net. 3093IN MX 0 a.mx.premore.net. ;; ADDITIONAL SECTION: a.mx.premore.net. 3093IN A 198.186.193.20 However my mail server wont send to this destination address and I have no idea why. Can someone tell me how I can better examine this situation to understand where the fault lies. Thank you! Unless I'm misreading and misunderstanding your logs # telnet 198.186.193.20 25 Trying 198.186.193.20... telnet: connect to address 198.186.193.20: Operation timed out telnet: Unable to connect to remote host The mail server on that IP isn't answering.
Re: What Is Causing This Failure
On Tue, 1 Dec 2009 16:13:02 +0100, you wrote: # telnet 198.186.193.20 25 Trying 198.186.193.20... Connected to 198.186.193.20. Escape character is '^]'. 220 share.docforge.org ESMTP Postfix D'oh... Forgot which machine I was connected to.I tried it on the one that has port 25 blocked by the ISP. :) My bad, sorry :)
Re: If you wanna have some fun...
At 12:53 PM 11/14/2009, you wrote: http://www.SPAM.SPAM.host.sk/BWpzYBwiK2.html As if the .sk isn't enough warning, don't bother clicking on the link. Someoene's either spamming, or got their computer infested.
Re: Rewrite destination domain
Not a 'postfix' answer, but what mail client does he use? Is it one (or two or 3) e-mail addresses? Maybe make a addres book entry for the mistyped address to go to the real address? At 11:34 AM 9/16/2009, you wrote: I have a user who is constantly mistyping a specific domain that he sends mail to on a regular basis. This has been going on for a couple of years, and every time he complains to be about messages not being delivered, or 'being eaten' or something. He is convinced, every time, that my server is doing something wrong. Every time I peruse the logs, find his typo, and sent him log lines. This works for a few days, or weeks, maybe. Then the cycle repeats. He's old, and essentially untrainable. I'm tired of it, and being related to him, I can't fire him. So, I am wondering if I can do something in postfix to rewrite the domain in question (at least the typo is consistent). So, given example.com and given that he emails multiple addresses at example.com and given that he typos it as exapmle.com and given that exapmle.com 1) exists 2) doesn't accept mail connections 3) is not a domain that anyone has ever intentionally tried to send mail to given all that, is there something I can do in postfix to simply rewrite exapmle\.com$ to example.com? Something in smtpd_recipient_restrictions, I'm guessing?
Re: Postfix DKIM
At 03:11 PM 9/9/2009, you wrote: Mark Johnson csps6...@yahoo.com writes: All, I wonder which DKIM should I use for Postfix? Any suggestion? Please read first RFCs. Then you'll realize why we use DKIM. That totally wasn't the question the OP was asking.. :)
Re: How to add more than one recipient on the notice recipient
At 12:55 PM 9/8/2009, you wrote: All, How can I add more one recipient? I want both webmaster and postmaster can receive error email. The default setting: bounce_notice_recipient = postmaster delay_notice_recipient = postmaster error_notice_recipient = postmaster I know Sendmail can just add next to it = postmaster, webmaster, but I have no ideal on the Postfix. Can anyone help? I haven't tried, but one of the below should work: postmaster, webmaster, or create an alias of say bouncerecipient to be postmaster and webmaster...
Re: attachment manipulations
At 10:58 AM 9/1/2009, you wrote: Hi guys I hope some of you can help in this work around I need to do. My internet conection is a very slow one, and most of the email clients are on dialup, so I need to enforce limits to the message size. I'm thinking in those email that arrive with big attachments, some of them are high res pics, or .pps so I'm thinking how can I get the email, extract the attachments, make resolution lower of the images to decrease size (using GD maybe), and rebuild the original message with the modified images. In case of .pps I can compress them. That way I can make smaller the dialup times. Have some of you some ideas about how can I do that? Maybe a filter? I apreciate any colaboration. I'm pretty sure I saw you ask this a few weeks ago with no response, so likely no one has an answer, but IMHO messing with attachments is a bad idea. I sure wouldn't like to have images changed on me. So then if I become the 'exception' - the person who WANTS to see the images at whatever resolution they come to me at, I'm SOL? Maybe a better idea - and this is still something postfix can't (AFAIK) do by itself - strip the attachments and put them onto a seperate folder. Perhaps that's a better solution - remove the attachments from the message, and put them on a FTP folder a user can access. But then you better be ready to start supporting FTP, and walking customers through downloading a FTP program, setting it up, etc. Maybe install webmail? And then if people can log into webmail if they have a large attachment?
Re: postfix performance
At 10:30 AM 8/17/2009, you wrote: All, What do I need to do in order to have better performance on Postfix. I have Centos5 with postfix installed. The mail server is only as a relay mail server and has nothing else. I just make the test and the performance was not good. Outgoing 1K email was around 568 seconds. Any insight is appreciated. Although this will likely be out of my area of being able to help you, someone else here probably can, but you'll want to post relevent logs and postconf -n output. But 568 secoonds, my guess is there's something configured MAJORLY wrong. 10 minutes? DNS lookup failure?
RE: Hash file oddity
At 11:50 AM 7/31/2009, you wrote: PS: Sorry for top posting. OWA doesn't have a good way to do it. Can't you just hit the down arrow or the page down key? :)
RE: Hash file oddity
At 12:00 PM 7/31/2009, you wrote: I guess one could, but then you can't tell where one began and the other ended ;) At least they finally added the ability to select Plain Text as an option when sending the emails from OWA. There should be a append thing (or prepend?) to add a bracket to quoted text... Been a while since I used OWA.
Re: Directory Harvest
At 03:59 PM 7/29/2009, you wrote: It looks like somebody is trying to figure out my internal users as evidenced by log excerpts below. Is there something I could do to, if not prevent this, reduce it? If you're seeing a lot of attempts, I say just block them in your firewall... # whois 93.85.224.123 OrgName:RIPE Network Coordination Centre OrgID: RIPE Address:P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country:NL ReferralServer: whois://whois.ripe.net:43 NetRange: 93.0.0.0 - 93.255.255.255 CIDR: 93.0.0.0/8
postfix and ldap alias users
Thanks all for the previous help getting postfix up and running with ldap / tls.. Finally after I don't even know how many build attempts, ,it's up and running :) My setup is all mail is delivered from a mail host to my postfix from another server. They do ldap lookups which is working fine. I'd like to though just use the ldap also for the postfix delivery - right now I have both /etc/postfix/aliases and the ldap. So when I add an alias, I add it both places. All mail is delivered to one mailbox, pretty much all aliases. In my LDAP, I have my 'account' with the entries under the mail attribute (ali...@espphotography.com ali...@espphotography.com, etc).. A lookup of say testtest: postmap -q testt...@espphotography.com ldap:/etc/postfix/ldap-aliases.cf returns everything - a big long string of all the aliases I have. A test e-mail is rejected: Jul 9 12:25:57 www postfix/smtpd[1507]: connect from example.com[1.2.3.4] Jul 9 12:25:58 www postfix/smtpd[1507]: AF0E22DD758: client=example.com[1.2.3.4] Jul 9 12:25:59 www postfix/cleanup[1510]: AF0E22DD758: message-id=4a564420.8090...@example.com Jul 9 12:25:59 www postfix/qmgr[1334]: AF0E22DD758: from=e...@example.com, size=2351, nrcpt=1 (queue active) Jul 9 12:25:59 www postfix/local[1511]: AF0E22DD758: to=testt...@espphotography.com, relay=local, delay=0.49, delays=0.44/0.02/0/0.03, dsn=5.1.1, status=bounced (unknown user: testtest) Jul 9 12:25:59 www postfix/cleanup[1510]: 127492DD75A: message-id=20090709192559.127492dd...@espphotography.com Jul 9 12:25:59 www postfix/qmgr[1334]: 127492DD75A: from=, size=4191, nrcpt=1 (queue active) Jul 9 12:25:59 www postfix/bounce[1512]: AF0E22DD758: sender non-delivery notification: 127492DD75A Jul 9 12:25:59 www postfix/qmgr[1334]: AF0E22DD758: removed Jul 9 12:26:00 www postfix/smtp[1513]: 127492DD75A: to=e...@example.com, relay=smtp.comcast.net[76.96.62.117]:587, delay=1.5, delays=0.01/0.03/0.66/0.78, dsn=2.0.0, status=sent (250 2.0.0 DvTE1c0073FUpeY3evTEZS mail accepted for delivery) My mail host does a ldap lookup prior to delivery, so ldap is working, but postfix doesn't like it... Any suggestions as to what I'm missing or what's wrong? Info below... Thanks again. :) # cat /etc/postfix/ldap-aliases.cf server_host = 127.0.0.1 server_port = 389 search_base = uid=eplatt, dc=espphotography, dc=com query_filter = mail=%s result_attribute = mail version = 3 bind = no # postconf -n alias_maps = hash:/etc/postfix/aliases, ldap:/etc/postfix/ldap-aliases.cf biff = no command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 inet_interfaces = all mail_owner = postfix mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 1000 mydomain = espphotography.com myhostname = espphotography.com mynetworks = 168.100.189.0/28, 127.0.0.0/8,192.168.1.0/28,206.176.229.254,216.200.134.0/24,192.168.1.0/24 mynetworks_style = subnet newaliases_path = /usr/bin/newaliases queue_directory = /private/var/spool/postfix readme_directory = /usr/share/doc/postfix relayhost = [smtp.comcast.net]:587 sample_directory = /usr/share/doc/postfix/examples sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/saslpass smtp_sasl_security_options = smtpd_client_event_limit_exceptions = static:everyone smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access smtpd_tls_cert_file = /System/Library/OpenSSL/certs/smtpd.pem smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_use_tls = yes unknown_local_recipient_reject_code = 550
Re: OT: ethics
At 12:37 PM 7/1/2009, you wrote: Wietse says something like Spam is war -- RFCs don't apply. OK, but how about nmap ethics? I've started hitting spam IPs and their nets with nmap to find out who they are and maybe a little of what they're up to (and using the info to decide if the net belongs in my packet filter). What's the opinion of the list? Is this OK, or just plain rude? I'm no attorney, but sounds like a grey area... http://www.securityfocus.com/news/126
Re: A few postfix issues - LDAP / anvil and sasl?
At 06:34 PM 6/22/2009, you wrote: Googling around, a few suggestions seem to be make -f Makefile.init makefiles CCARGS='-DUSE_SASL_AUTH -I/sw/include/sasl -DUSE_TLS -I/usr/include/openssl -DUSE_CYRUS_SASL -I/usr/local/lib/sasl2 -DHAS_SSL -I/usr/local/ssl/include/openssl' AUXLIBS='-L/usr/lib -lldap -L/usr/lib -llber -L/usr/lib -lsasl2 -lssl' I tried this, and the last few lines of make are: FO -DNO_KQUEUE -DHAS_PCRE -I/sw/include -g -O -I. -I../../include -DMACOSX -c smtpd_resolve.c cc -DUSE_SASL_AUTH -I/sw/include/sasl -DUSE_TLS -I/usr/include/openssl -DUSE_CYRUS_SASL -I/usr/local/lib/sasl2 -DHAS_SSL -I/usr/local/ssl/include/openssl -DBIND_8_COMPAT -DNO_NETINFO -DNO_KQUEUE -DHAS_PCRE -I/sw/include -g -O -I. -I../../include -DMACOSX -o smtpd smtpd.o smtpd_token.o smtpd_check.o smtpd_chat.o smtpd_state.o smtpd_peer.o smtpd_sasl_proto.o smtpd_sasl_glue.o smtpd_proxy.o smtpd_xforward.o smtpd_dsn_fix.o smtpd_milter.o smtpd_resolve.o ../../lib/libmaster.a ../../lib/libtls.a ../../lib/libdns.a ../../lib/libxsasl.a ../../lib/libmilter.a ../../lib/libglobal.a ../../lib/libutil.a -L/usr/lib -lldap -L/usr/lib -llber -L/usr/lib -lsasl2 -lssl -L/sw/lib -lpcre -flat_namespace /usr/libexec/gcc/powerpc-apple-darwin8/4.0.1/ld: Undefined symbols: _sasl_set_path Am I on the right path? Any suggestions? Just following up (or bumping if you will) my old thread.. Still running postfix without tls, LDAP or cyrus sasl... # postconf -m btree cidr environ hash pcre proxy regexp static tcp unix Regarding the above make command I tried.. it looks like I have the wrong path specified at one point? Does that sound right? If so, what file is Postfix looking for at each argument, and I can make sure the directory is correct? Or am I troubleshooting this wrong... Thanks. Evan
Re: A few postfix issues - LDAP / anvil and sasl?
At 12:02 PM 6/30/2009, you wrote: You are using header files from SASL 2.1.22 or later, which define SASL_PATH_TYPE_CONFIG, but libraries from a version of SASL that does not have sasl_set_path(). That's way above my head - is there an easy way to fix that? Change the order of -L/sw/lib to put it ahead of -lsasl2. Am I misunderstanding? It is already? (I'm assuming you mean /usr/lib? I don't have a /sw/lib, there's the /usr/lib/ but that is before -lsasl2? make -f Makefile.init makefiles CCARGS='-DUSE_SASL_AUTH -I/sw/include/sasl -DUSE_TLS -I/usr/include/openssl -DUSE_CYRUS_SASL -I/usr/local/lib/sasl2 -DHAS_SSL -I/usr/local/ssl/include/openssl' AUXLIBS='-L/usr/lib -lldap -L/usr/lib -llber -L/usr/lib -lsasl2 -lssl'
Re: Need a resolution to a weird error
At 08:54 PM 6/23/2009, you wrote: Looks as if postifx will not send to mailbox which has close to 50M in the mailbox. Can this be overriden? http://www.postfix.org/postconf.5.html mailbox_size_limit (default: 5120) The maximal size of any http://www.postfix.org/local.8.htmllocal(8) individual mailbox or maildir file, or zero (no limit). In fact, this limits the size of any file that is written to upon local delivery, including files written by external commands that are executed by the http://www.postfix.org/local.8.htmllocal(8) delivery agent. This limit must not be smaller than the message size limit. Or am I misunderstanding ?
Re: A few postfix issues - LDAP / anvil and sasl?
- Original Message From: Barney Desmond barneydesm...@gmail.com To: postfix-users@postfix.org Sent: Monday, June 22, 2009 8:22:45 AM Subject: Re: A few postfix issues - LDAP / anvil and sasl? Are you literally seeing dollars and curly-braces in the logs? If that's obfuscation then it's very unclear. Someone else may have suggestions/corrections for your `make` line, but does ldap now appear in the output of `postconf -m`? Yes, and yes. That's the exact copy and paste from my mail log. I only know enough about anvil to say that you probably don't want, or need, to touch it. Why did you disable anvil? It performs connection rate-limiting to prevent runaway situations. It makes too much noise in the mail log isn't a good excuse. Also, I don't see any anvil=(yes|no) directive, what makes you think it exists? http://www.postfix.org/postconf.5.html#anvil A WHILE back, I had a problem where anvil would pop up, and I googled the entry I received at the time, and the link was If you don't use anvil, disable it in main.cf with anvil = (something)... No, I really don't need / want anvil. My mail is sent to me from my primary MX. My firewall is configured to only allow mail traffic from a few IP's. So... really, no need for anvil. :) I'm no good with LDAP, but I'd suggest trying some manual queries against the table, without postfix. Something like this to see if the results look sane: postmap -q examp...@espphotography.com ldap:/etc/postfix/ldap-aliases.cf I tried a few, they all return nothing.. alias_maps is generally for local delivery, which should mean the lookup key is just a name, not a full email address. Does that match what you have stored in LDAP? D'oh. No, I'll change them. Usually one posts the broken postconf-n output, but we know what you mean (assuming you haven't changed anything else except putting in LDAP). Well, I really CAN if you want - however it breaks postfix (all mail is rejected), so I'd rather not. :)
Re: A few postfix issues - LDAP / anvil and sasl?
- Original Message From: Wietse Venema wie...@porcupine.org To: Evan Platt phireph...@yahoo.com Cc: postfix-users@postfix.org Sent: Monday, June 22, 2009 9:12:36 AM Subject: Re: A few postfix issues - LDAP / anvil and sasl? You installed Postfix, and then you copied the old master.cf/main.cf files over the new files. To fix the old configuration files: # postfix upgrade-configuration d'oh! Yes, I missed that.. Just ran it.. That's solved (so far) the postfix errors, I ran it, didn't see any errors on output, and don't see anything obviously changed in main.cf or master.cf... I do still see Jun 22 09:53:22 www postfix/smtpd[12728]: warning: smtpd_sasl_auth_enable is true, but SASL support is not compiled in Jun 22 09:53:22 www postfix/smtpd[12728]: warning: TLS has been selected, but TLS support is not compiled in So I'm unable to use port 587 to my relayhost... Is there something else I'm missing? Thanks again. Evan Is there a way to completely disable anvil?
Re: A few postfix issues - LDAP / anvil and sasl?
Googling around, a few suggestions seem to be make -f Makefile.init makefiles CCARGS='-DUSE_SASL_AUTH -I/sw/include/sasl -DUSE_TLS -I/usr/include/openssl -DUSE_CYRUS_SASL -I/usr/local/lib/sasl2 -DHAS_SSL -I/usr/local/ssl/include/openssl' AUXLIBS='-L/usr/lib -lldap -L/usr/lib -llber -L/usr/lib -lsasl2 -lssl' I tried this, and the last few lines of make are: FO -DNO_KQUEUE -DHAS_PCRE -I/sw/include -g -O -I. -I../../include -DMACOSX -c smtpd_resolve.c cc -DUSE_SASL_AUTH -I/sw/include/sasl -DUSE_TLS -I/usr/include/openssl -DUSE_CYRUS_SASL -I/usr/local/lib/sasl2 -DHAS_SSL -I/usr/local/ssl/include/openssl -DBIND_8_COMPAT -DNO_NETINFO -DNO_KQUEUE -DHAS_PCRE -I/sw/include -g -O -I. -I../../include -DMACOSX -o smtpd smtpd.o smtpd_token.o smtpd_check.o smtpd_chat.o smtpd_state.o smtpd_peer.o smtpd_sasl_proto.o smtpd_sasl_glue.o smtpd_proxy.o smtpd_xforward.o smtpd_dsn_fix.o smtpd_milter.o smtpd_resolve.o ../../lib/libmaster.a ../../lib/libtls.a ../../lib/libdns.a ../../lib/libxsasl.a ../../lib/libmilter.a ../../lib/libglobal.a ../../lib/libutil.a -L/usr/lib -lldap -L/usr/lib -llber -L/usr/lib -lsasl2 -lssl -L/sw/lib -lpcre -flat_namespace /usr/libexec/gcc/powerpc-apple-darwin8/4.0.1/ld: Undefined symbols: _sasl_set_path Am I on the right path? Any suggestions? Thanks. :)
A few postfix issues - LDAP / anvil and sasl?
My setup is I get my mail from a relay host - they perform A/V and anti spam. So if I can set up a ldap server, they can query for valid domains. I've recompiled postfix with ldap support (I hope!), but it doesn't appear postfix is using the aliases in my ldap. My setup is I have one mailbox on my server (eplatt) and all valid mail goes to it. So my aliases consists of example1:eplatt example2:eplatt webmaster:eplatt etc. Everything was working until (murphys law) I reinstalled to enable ldap support. I reinstalled with: make -f Makefile.init makefiles 'PREFIX=/etc/postfix ' 'CCARGS=-DUSE_TLS -I/sw/include/sasl -DUSE_SASL_AUTH -DUSE_CYRUS_SASL ' 'AUXLIBS=-L/opt/local/lib -lsasl2 -lssl -lcrypto' 'CCARGS='-I/usr/local/include -DHAS_LDAP' AUXLIBS='-L/usr/local/lib -lldap -L/usr/local/lib -llber' I'm seeing in the mail.log: Jun 21 11:47:48 www ${multi_instance_name: postfix}${multi_instance_name?$multi_instance_name}/master[7111]: reload -- version 2.6.2, configuration /etc/postfix Second, I've disabled anvil in master.cf, but I still see: Jun 21 11:48:27 www postfix/smtpd[7132]: warning: connect to private/anvil: Connection refused Jun 21 11:48:27 www postfix/smtpd[7132]: warning: problem talking to server private/anvil: Connection refused I recall (but can't find it on google) adding anvil=no in main.cf? I've included my postconf -n at the end, but can anyone help and advise what I'm doing wrong? I have uid=eplatt,dc=espphotography,dc=com and names of mail, value of examp...@espphotography.com, examp...@espphotography.com , etc. with alias_maps = ldap:/etc/postfix/ldap-aliases.cf ldap-aliases.cf: server_host = localhost search_base = dc=espphotography, dc=com all mail is rejected: Jun 20 12:43:37 www postfix/smtpd[1703]: NOQUEUE: reject: RCPT from unknown[192.168.1.4]: 550 5.1.1 examp...@espphotography.com: Recipient address rejected: User unknown in local recipient table; from=e...@espphotography.com to=examp...@espphotography.com proto=ESMTP helo=mylaptop.espphotography.com Below is my postconf.n. Anything I'm missing , please let me know. Thanks! # postconf -n alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 html_directory = no inet_interfaces = all mail_owner = postfix mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 1000 mydomain = espphotography.com myhostname = espphotography.com mynetworks_style = subnet newaliases_path = /usr/bin/newaliases queue_directory = /private/var/spool/postfix readme_directory = /usr/share/doc/postfix relayhost = [smtp.comcast.net]:587 sample_directory = /usr/share/doc/postfix/examples sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access smtpd_tls_cert_file = /System/Library/OpenSSL/certs/smtpd.pem smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_use_tls = yes unknown_local_recipient_reject_code = 550
Re: A few postfix issues - LDAP / anvil and sasl?
I should add - this is a OS/X 10.4 box if that makes a difference (workstation). - Original Message From: Evan Platt phireph...@yahoo.com To: postfix-users@postfix.org Sent: Sunday, June 21, 2009 6:38:24 PM Subject: A few postfix issues - LDAP / anvil and sasl? My setup is I get my mail from a relay host - they perform A/V and anti spam. So if I can set up a ldap server, they can query for valid domains. I've recompiled postfix with ldap support (I hope!), but it doesn't appear postfix is using the aliases in my ldap. My setup is I have one mailbox on my server (eplatt) and all valid mail goes to it. So my aliases consists of example1:eplatt example2:eplatt webmaster:eplatt etc. Everything was working until (murphys law) I reinstalled to enable ldap support. I reinstalled with: make -f Makefile.init makefiles 'PREFIX=/etc/postfix ' 'CCARGS=-DUSE_TLS -I/sw/include/sasl -DUSE_SASL_AUTH -DUSE_CYRUS_SASL ' 'AUXLIBS=-L/opt/local/lib -lsasl2 -lssl -lcrypto' 'CCARGS='-I/usr/local/include -DHAS_LDAP' AUXLIBS='-L/usr/local/lib -lldap -L/usr/local/lib -llber' I'm seeing in the mail.log: Jun 21 11:47:48 www ${multi_instance_name: postfix}${multi_instance_name?$multi_instance_name}/master[7111]: reload -- version 2.6.2, configuration /etc/postfix Second, I've disabled anvil in master.cf, but I still see: Jun 21 11:48:27 www postfix/smtpd[7132]: warning: connect to private/anvil: Connection refused Jun 21 11:48:27 www postfix/smtpd[7132]: warning: problem talking to server private/anvil: Connection refused I recall (but can't find it on google) adding anvil=no in main.cf? I've included my postconf -n at the end, but can anyone help and advise what I'm doing wrong? I have uid=eplatt,dc=espphotography,dc=com and names of mail, value of examp...@espphotography.com, examp...@espphotography.com , etc. with alias_maps = ldap:/etc/postfix/ldap-aliases.cf ldap-aliases.cf: server_host = localhost search_base = dc=espphotography, dc=com all mail is rejected: Jun 20 12:43:37 www postfix/smtpd[1703]: NOQUEUE: reject: RCPT from unknown[192.168.1.4]: 550 5.1.1 examp...@espphotography.com: Recipient address rejected: User unknown in local recipient table; from=e...@espphotography.com to=examp...@espphotography.com proto=ESMTP helo=mylaptop.espphotography.com Below is my postconf.n. Anything I'm missing , please let me know. Thanks! # postconf -n alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 html_directory = no inet_interfaces = all mail_owner = postfix mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 1000 mydomain = espphotography.com myhostname = espphotography.com mynetworks_style = subnet newaliases_path = /usr/bin/newaliases queue_directory = /private/var/spool/postfix readme_directory = /usr/share/doc/postfix relayhost = [smtp.comcast.net]:587 sample_directory = /usr/share/doc/postfix/examples sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access smtpd_tls_cert_file = /System/Library/OpenSSL/certs/smtpd.pem smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_use_tls = yes unknown_local_recipient_reject_code = 550
Re: hostnames are not resolving
At 11:03 AM 5/28/2009, you wrote: Hi there, I am finding log entries with all the connections from unknown why isnt the inverse hostname places in the postfix log? May 28 11:01:58 enabled postfix/smtpd[14960]: connect from unknown[88.252.82.203] No reverse DNS for that IP address. # nslookup 88.252.82.203 Server: 127.0.0.1 Address:127.0.0.1#53 ** server can't find 203.82.252.88.in-addr.arpa.: NXDOMAIN
Looking for a little (offlist?) help with ldap integration
I know this is somewhat offtopic, but hopefully someone here can / is willing to help me out a little... :) I run a mail server for me, myself, and I. I create aliases as needed to 'tag' where an address goes - ie if I sign up for ABC Corp, I might give them abccorp@ my domain. My mail server is set up that for my domain, my primary MX is a anti-spam antivirus server. Mail is scanned, then delivered to my postfix. As such, mail will ONLY come from a few IP's. (I guess the above isn't quite related to this, but just some background). Because of this, every mail is accepted - mail to sadnfkjsdnfkasd @ mydomain is accepted as long as it's not deemed spam. My mail provider says they can query an LDAP database, but can't offer much assistance to me in setting it up. Baiscally now I use /etc/posfix/aliases, but that's obviously useless for LDAP. My aliases consists of aliases redirected to one account (I really only have one mail account, every alias directs to that). So I'm looking for a little help with the easiest way to convert this aliases to use for LDAP. I've read quite a few help pages, but not sure if I'm finding the right one or what the right way to do this is. This is on a OS/X client box, and I have webmin and ldapadmin (Windows GUI interface to ldap server).. I've provided my postconf -n output below.. Apppreciate any help! Thanks! Evan # postconf -n alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 inet_interfaces = all mail_owner = postfix mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 0 mydomain = espphotography.com mydomain_fallback = localhost myhostname = espphotography.com mynetworks = 192.168.1.0/24,216.200.134.247 mynetworks_style = subnet newaliases_path = /usr/bin/newaliases queue_directory = /private/var/spool/postfix readme_directory = /usr/share/doc/postfix relayhost = [smtp.comcast.net]:587 sample_directory = /usr/share/doc/postfix/examples sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/saslpass smtp_sasl_security_options = noanonymous smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access smtpd_tls_cert_file = /System/Library/OpenSSL/certs/smtpd.pem smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_use_tls = yes unknown_local_recipient_reject_code = 550
Re: Looking for a little (offlist?) help with ldap integration
At 12:22 PM 4/16/2009, you wrote: On 4/16/2009 3:11 PM, Evan Platt wrote: My mail provider says they can query an LDAP database, but can't offer much assistance to me in setting it up. Baiscally now I use /etc/posfix/aliases, but that's obviously useless for LDAP. Surprising - they can't do recipient verification (doesn't require LDAP, just relies on an honest answer from your server)? I can ask... I don't think so since when I've brought this up in the past, the response is 'get an ldap server dude!' In that case, what I'd do is use plus-addressing instead of making up fullblown aliases on the fly. So - if my username is joesmith, use say joesmith+abcincorporated @ mydomain . com? Well, the problem still is I'd rather have them reject the e-mail rather then accept then deliver.. Your anti-spam service provider should have the ability to simply define a list of valid users via flat file if nothing else Well, the problem is whenever I sign up for a list or make a purchase, I create a new one, so I'd be sending them a list pretty often, hence the idea of LDAP. (if they can't, I'd switch providers), so just make sure they support plus addressing, and give them your one (or however many) valid emails and be done with it.. Well, the price for them is right - free :) But the problem is dynamics. I don't want to have to bug them every time I add or remove an address... :) Evan
Re: Looking for a little (offlist?) help with ldap integration
At 12:44 PM 4/16/2009, you wrote: No... as long as they support plus addressing, you give them your main address - joesm...@example.com - then they will accept anything addressed to joesmith+anyth...@example.com, and reject everything else. That's still back at square one.. I often see my addresses sold, and since every address is 'accepted', people never get the 'hint' that an address is no longer valid. So if I sign up for ABCInc, and use evan+abcinc, then see it's been sold and gets spammed, if they actually rejected it, the theory is since it would be rejected, people would get the hint it's not valid. You said you only had one real address and everything else was aliased to it. Of course, you'd have to give them the CURRENT list of aliases in use, but just don't create any more aliases. Then you'd only have to send them an update when you encounter a service that doesn't let you use a plussed address (rare, but it happens), in which case you'd have to create another regular alias. Well, the problem is I do. Maybe it's OCD, but I like to track where my address is used and obtained from, hence LDAP :)
Re: Special Characters in Address
At 03:54 PM 3/23/2009, you wrote: Hello all, I'm having an issue that I believe is coming from Postfix. I am sending mail to an address which contains special characters. Those characters aid me in routing the mail but unfortunately it seems to be rejected before being relayed. The format is as follows, a block of text followed by an = followed by more text and a number, followed by a | and then numbers @ the http://domain.comdomain.com ie: text=option1|mailto:123456...@address.com123456...@address.com. When sending from Gmail for instance I get the following error: Technical details of permanent failure: Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 501 501 5.1.3 Bad recipient address syntax (state 14). Also, I am seeing the following error in Postfix: '501 5.1.3 Bad recipient address syntax' Any suggestions or assistance would be greatly appreciated. Thanks I'm certainly no Postfix expert, pretty straightforward install... but I tried setting up an account, and it worked fine - So, likely anyone who can help you will need / want postconf -n entries from mail log showing the reject Not sure what else... But here's my mail log showing the mail accepted. Mar 23 16:01:03 www postfix/qmgr[11482]: 3FE281DA4E8: from=m...@anotherdomain.com, size=2313, nrcpt=1 (queue active) Mar 23 16:01:03 www postfix/local[13208]: 3FE281DA4E8: to=m...@mydomain.com, orig_to=text=option1|123456...@espphotography.com, relay=local, delay=0, status=sent (delivered to mailbox) Mar 23 16:01:03 www postfix/qmgr[11482]: 3FE281DA4E8: removed I use one main mailbox and /etc/postfix/aliases ... Evan
Re: Content Filters - Body Matching
At 01:38 PM 3/9/2009, you wrote: Hello, I have a restriction that mandates only certain types of email to be allowed outbound. If an email does not match a pattern, they want that email BCCed to another account. Reading the documentation, I see that body_checks isn't a good way to filter multiple lines and that I should use something like Spamassassin (version 3.2.4). I have that installed and working with Postfix (version 2.2.10). The issue is how can I guarantee that only email fitting a certain pattern will go through and others won't? Has anyone had a setup similar to this, and is Spamassassin the best filter for this kind of setup? Spamassassin won't work as Spamassassin cannot 'stop' mails. SA only assigns scores. What you do with a message SA flagged (or rather scored) as Spam or not spam is up to you.
Re: to/orig_to control
At 04:07 PM 3/4/2009, you wrote: when you have to=j...@example.net, orig_to=j...@example.com in the maillog file, that translation is handled by /etc/postfix/virtual, isn't it? If j...@example.com is not in /etc/postfix/virtual, where else could this be controlled? I did grep -ir jo...@example.com /etc/postfix/ and got 0 hits, so it's not in virtual or virtual.db. I also went ahead and did grep -ir john \...@example.com /etc/ and still got 0 hits. other virtual addresses in example.com show up in both /etc/postfix/virtual and /etc/postfix/ virtual.db and yet mail to 'john' is getting translated and delivered. Could be in aliases too, but that should show (assuming your aliases is in /etc/postfix) with a grep ...
Re: Email delivered to wrong person.
At 02:39 PM 1/29/2009, you wrote: Hello I just got this postfix server going a few days ago. I have one person receiving some emails that are not address to him. Yes they are spam and I am running spamassassin. But looking at the headers it should not be delivered to the one person at all. Here is an example header. Unless I'm missing something, he was BCC'd. Common tactic of spammers. I e-mail some...@example.com , bcc you, you'd see To:some...@example.com ..
Re: looking to pay for problem solving on minor Postfix issue
While I'll probably get flamed for this... asbestos suit on There are probably tons of people who'd jump at the chance for this - easy money. I'm one of them - I love easy money. If I knew enough postfix, I'd jump on this. But as it is, I know just enough to be dangerous. Your best bet is to - excuse the expression - RTFM, follow along with it, and ask questions as they come up. Sure, you could pay someone to set it up and configure it for you, but when something breaks, which WILL happen, you'll then likely have to pay someone to fix it, whereas if YOU set it up, if YOU RTFM'd, if YOU configured it, you'd be more likely to know how to fix any potential problems that creep up. And, as others have pointed out, you don't yet have a working firewall, or at least the know how on creating one. That should be step one Then worry about postfix. Just my .02... /Flame Off PS: A lot of people block posts from Nabble. You may want to consider joining the group directly. At 10:19 AM 1/28/2009, MountainX wrote: If you are a Postfix expert, I am willing to pay for your help (via email, chat, etc.) to resolve several minor problems I'm having with Postfix (you've probably some of them seen on this list). I can pay via PayPal. (I know how consulting relationships work. I'm serious. I have paid for consulting like this many times before on various open source projects over the last year or more.) Who has some time available now?
Re: Aliases question - can I alias a user name to a name that is not a local user account?
At 10:37 PM 1/28/2009, you wrote: What's with you guys on this list who have the answers yet are just handing out clues one by one and making me guess about the answer over the course of several email exchanges? Fortunately, there are some guys on this list that don't engage in those psychological games and I have greatly benefited from their help and I do appreciate it! I for one believe in the Lead a horse to water phrase Even though Aaron was somewhat blunt and to the point, I have to almost agree. I count almost 30 messages from you today alone, a majority of which would have been solved by some reading of the documentation.
Re: turn off bounce messages?
At 12:28 PM 1/16/2009, you wrote: Would it make it harder for those sending spam? I was wondering if it would make it harder if spammers got nothing. How many spammers do you think use a valid return address? Spammers likely 'get nothing' now
Re: Cannot connect to smtp server
At 08:56 PM 1/8/2009, you wrote: i have recently shifted to a different place. Uhhh do you mean a new internet provider? Or something else? I had a functioning postfix setup on my laptop but it is not working in this new place. I'm confused. Why are you running postfix on a laptop? I use gmail's smtp server to send e-mail. Why not use the SMTP server provided by your ISP? Please note the following. 1. Internet works fine. 2. Evolution can send e-mail using the same smtp server account 3. I cannot ping any address on the internet. Sounds like a ISP issue.. When I send the mail, it just stays in the queue. The results of mailq, tail /var/log/mail.log, and postconf -n are pasting below for reference. From the laptop, what happens when you telnet smtp.gmail.com 25 I shall be grateful if someone could help sort this out. relayhost = [smtp.gmail.com] Do you have the brackets in the main.cf? Not sure if that will cause a problem or not.
Re: Cannot connect to smtp server
At 09:26 PM 1/8/2009, you wrote: Quite the contrary -- they SHOULD be there in order to suppress MX lookups of the relayhost name. See the documentation. Huh. Yer right. Never had that in my main.cf - never had a problem either. I added it and reloaded. Thanks for the edumacation :)
Re: Cannot connect to smtp server
Please send your replies to the list, not to me. At 09:58 PM 1/8/2009, you wrote: From the laptop, what happens when you telnet smtp.gmail.com 25 telnet smtp.gmail.com 25 Trying 66.249.93.109... Trying 66.249.93.111... telnet: Unable to connect to remote host: Connection refused But gmail does not only use port 25. It uses port 465 (with ssl) and 587 (with tls) as well. I can telnet to port 465. telnet smtp.gmail.com 465 Trying 66.249.93.111... Connected to gmail-smtp-msa.l.google.com. Escape character is '^]'. It occurred to me when I wrote the above that my postfix was using port 587. I have now changed the transport and sasl_passwd files to point them to port 465. The log now has the following. Jan 9 05:52:53 panahar postfix/smtp[8128]: 683BC11B785: conversation with smtp.gmail.com[66.249.93.109] timed out while receiving the initial server greeting Jan 9 05:53:53 panahar postfix/smtp[8157]: 37F8711B773: conversation with smtp.gmail.com[66.249.93.111] timed out while receiving the initial server greeting Any ideas? Vikas
Re: Cannot connect to smtp server
At 09:20 PM 1/8/2009, you wrote: From the laptop, what happens when you telnet smtp.gmail.com 25 My bad, this should be telnet smtp.gmail.com 587
Re: Allowing return email
Why not do this in your MTA? Maybe a procmail recipe, etc? At 09:41 AM 1/3/2009, you wrote: Greetings: I'm running several spam-filtering tools including Postgrey, SpamAssassin, etc. I would like to make replying to mail I have sent easier. How can I automatically white-list addresses to whom I have sent email? Thanks, Chris
Query my postfix aliases file as a LDAP server?
My primary MX record for my domain is an anti-spam server. This server then delivers to my mail server (so basically my postfix and firewall only allow smtp connections from a few IP's). However the problem is the anti-spam server essentially allows anything at my domain - [EMAIL PROTECTED], etc. I maintain a list of allowed aliases in postfix - /etc/postfix/aliases. My anti-spam server can query an ldap server, and then reject at SMTP time, any invalid e-mail addresses. So basically, is there a way for postfix to act as a LDAPS server and allow a outside server query to check if a alias is valid? Hope this makes sense... I'm running Postfix 2.1.5 - I can obviously provide my postconf -n, but not sure that's needed.. Thanks. :) Evan
OT: When Out Of Office Replies go bad
Thought most people here would get a kick out of this :) Evan http://news.bbc.co.uk/2/hi/uk_news/wales/7702913.stm When officials asked for the Welsh translation of a road sign, they thought the reply was what they needed. Unfortunately, the e-mail response to Swansea council said in Welsh: I am not in the office at the moment. Send any work to be translated. So that was what went up under the English version which barred lorries from a road near a supermarket. When they're proofing signs, they should really use someone who speaks Welsh, said journalist Dylan Iorwerth.