getting loops on multi-instance configuration
Hi all. Im getting a loop in my postfix-multi configuration, and cant see what is wrong. I try to follow the README [1] as close as i could. Here is a sample of /var/log/mail after a email is received: Mar 4 18:43:28 vmailmulti postfix-in/smtpd[28733]: connect from mail.fmed.uba.ar[157.92.152.1] Mar 4 18:43:28 vmailmulti postfix-in/smtpd[28733]: 4DD09D81D1: client=mail.fmed.uba.ar[157.92.152.1] Mar 4 18:43:28 vmailmulti postfix-in/cleanup[28735]: 4DD09D81D1: message-id=4b902860.6060...@fmed.uba.ar Mar 4 18:43:28 vmailmulti postfix-in/qmgr[28731]: 4DD09D81D1: from=gher...@fmed.uba.ar, size=726, nrcpt=1 (ueue active) Mar 4 18:43:28 vmailmulti postfix-in/smtpd[28733]: disconnect from mail.fmed.uba.ar[157.92.152.1] Mar 4 18:43:32 vmailmulti postfix-out/smtpd[28737]: connect from localhost[127.0.0.1] Mar 4 18:43:32 vmailmulti postfix-out/smtpd[28737]: 9EFA2D81D2: client=mail.fmed.uba.ar[157.92.152.1] Mar 4 18:43:32 vmailmulti postfix-out/cleanup[28739]: 9EFA2D81D2: message-id=4b902860.6060...@fmed.uba.ar Mar 4 18:43:32 vmailmulti postfix-out/smtpd[28737]: disconnect from localhost[127.0.0.1] Mar 4 18:43:32 vmailmulti postfix-out/qmgr[28668]: 9EFA2D81D2: from=gher...@fmed.uba.ar, size=1398, nrcpt=1(queue active) Mar 4 18:43:32 vmailmulti postfix-in/smtpd[28733]: connect from unknown[157.92.152.62] Mar 4 18:43:32 vmailmulti postfix-in/smtpd[28733]: AA33AD81D3: client=unknown[157.92.152.62] Mar 4 18:43:32 vmailmulti postfix-in/cleanup[28735]: AA33AD81D3: message-id=4b902860.6060...@fmed.uba.ar Mar 4 18:43:32 vmailmulti amavis[28480]: (28480-04) Passed SPAMMY, [157.92.152.1] [157.92.152.105] gher...@fed.uba.ar - gher...@vmail.fmed.uba.ar, Message-ID: 4b902860.6060...@fmed.uba.ar, mail_id: x6Po8fRtlSTq, its: 6.333, size: 726, queued_as: 9EFA2D81D2, 4351 ms Mar 4 18:43:32 vmailmulti postfix-in/smtp[28736]: 4DD09D81D1: to=gher...@vmail.fmed.uba.ar, relay=127.0.0.1127.0.0.1]:10025, delay=4.4, delays=0.03/0.01/0/4.4, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=28480-04, from MA([127.0.0.1]:10026): 250 2.0.0 Ok: queued as 9EFA2D81D2) Mar 4 18:43:32 vmailmulti postfix-in/qmgr[28731]: 4DD09D81D1: removed Mar 4 18:43:32 vmailmulti postfix-in/smtpd[28733]: disconnect from unknown[157.92.152.62] Mar 4 18:43:32 vmailmulti postfix-in/qmgr[28731]: AA33AD81D3: from=gher...@fmed.uba.ar, size=1599, nrcpt=1 queue active) Mar 4 18:43:32 vmailmulti postfix-out/smtp[28740]: 9EFA2D81D2: to=gher...@vmail.fmed.uba.ar, relay=vmail.fmd.uba.ar[157.92.152.62]:25, delay=0.08, delays=0.04/0.01/0/0.02, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued s AA33AD81D3) Mar 4 18:43:32 vmailmulti postfix-out/qmgr[28668]: 9EFA2D81D2: removed Mar 4 18:43:36 vmailmulti postfix-out/smtpd[28737]: connect from localhost[127.0.0.1] Mar 4 18:43:36 vmailmulti postfix-out/smtpd[28737]: B8EEED81D1: client=unknown[157.92.152.62] Mar 4 18:43:36 vmailmulti postfix-out/cleanup[28739]: B8EEED81D1: message-id=4b902860.6060...@fmed.uba.ar Mar 4 18:43:36 vmailmulti postfix-out/smtpd[28737]: disconnect from localhost[127.0.0.1] Mar 4 18:43:36 vmailmulti postfix-out/qmgr[28668]: B8EEED81D1: from=gher...@fmed.uba.ar, size=2097, nrcpt=1(queue active So, the email comes to postfix-in, it send trough amavis, and later a new (repeated) mail appear. It never goes to the central hub. Eventualy, i get Mar 4 18:48:17 vmailmulti postfix-out/smtp[28770]: 80A9AD814C: to=gher...@vmail.fmed.uba.ar, relay=vmail.fmed.uba.ar[157.92.152.62]:25, delay=385, delays=385/0.01/0.01/0.02, dsn=4.4.0, status=deferred (host vmail.fmed.uba.ar[157.92.152.62] said: 454 4.4.0 Error: too many hops (in reply to end of DATA command)) Here is my config files: /etc/postfix-in/main.cf soft_bounce = yes queue_directory = /var/spool/postfix-in command_directory = /usr/sbin daemon_directory = /usr/lib/postfix data_directory = /var/lib/postfix-in mail_owner = postfix inet_interfaces = all mydestination = local_recipient_maps = unknown_local_recipient_reject_code = 550 alias_maps = alias_database = debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id sleep 5 sendmail_path = /usr/sbin/sendmail newaliases_path = /usr/bin/newaliases mailq_path = /usr/bin/mailq setgid_group = maildrop html_directory = /usr/share/doc/packages/postfix-doc/html manpage_directory = /usr/share/man sample_directory = /usr/share/doc/packages/postfix-doc/samples readme_directory = /usr/share/doc/packages/postfix-doc/README_FILES master_service_disable = authorized_submit_users = root multi_instance_group = mta multi_instance_name = postfix-in local_transport = error:5.1.1 Mailbox unavaiable local_header_rewrite_clients = default_transport = smtp:[127.0.0.1]:10025 relay_transport = $default_transport virtual_transport = $default_transport smtp_send_xforward_command = yes smtp_destination_recipient_limit = 1000 smtp_data_done_timeout = 1200s smtpd_client_port_logging = no multi_instance_enable = yes
confused about MULTI_INSTANCE readme
Hi all, im reading the docs about setting postifx with multiples instances [1]. At the Setting up the null-client Postfix instance part, there is a sample main.cf which will be a local-submission null client: file, with this: . . # Send everything to the internal mailhub # relayhost = [mailhub.example.com] . . Later in the doc, it mentions The default Postfix instance[...]responsible for local mail submission So, the questions: - That mailhub.example.com should be the name of The default Postfix instance? - Should the null-client Postfix instance be a member of the multi-instance group, with its own conf directory? Thanks! Gerardo [1] http://www.postfix.org/MULTI_INSTANCE_README.html
Re: Any way to avoid message duplication after mailing list expansion?
Gianni Sandigliano wrote: Is there any way to avoid message duplication after mailing list expansion? A quick example: A message is sent:to: al...@mycompany.com cc: theb...@mycompany.com Because theboss is included in Alist (and the sender does not know it...) two copies of the message are delivered to theboss. The desired feature would be: 1) avoid delivering to an address in bcc: list when the same address is already listed in cc: or to: 2) avoid delivering to an address in cc: list when the same address is already listed in to: Is this possible in postfix? Could someone point me in the right direction? Tnks, Gianni I think duplicated mail detection should be done at mta-level. If you are using procmail, there is a simple recipe to do it :0 Wh: msgid.lock | formail -D 8192 msgid.cache HTH Gerardo
Re: python framework for a policy daemon?
Ralf Hildebrandt wrote: Is there a ready to use python framework for a policy daemon? I have a nice idea for a policy daemon :) Well, googling around 'python postfix policy' gives me some, but looks like only do a 'spf' test. http://sourceforge.net/projects/p-ppolicyserver/ http://www.openspf.org/Software http://www.tummy.com/Community/software/tumgreyspf/ Anyway, i will love to colaborate with you, if you like. Cheers. Gerardo
just one account of my domain that is not getting any email
Well. This is weird. One of my co-workers is not getting any mail, not even internal ones. The logs shows that the email is delivered without any problems: this happens when i (gherzig) send an email to my body (mmanoni). Both in the same domain. pampa:/home/mmanoni/Maildir # grep CBCAC39C2F2 /var/log/mail Aug 7 15:36:11 pampa postfix/smtpd[31089]: CBCAC39C2F2: client=mailbis[157.92.155.58], sasl_method=PLAIN, sasl_username=gher...@mail.fmed.uba.ar Aug 7 15:36:11 pampa postfix/cleanup[27050]: CBCAC39C2F2: message-id=4a7c3f4d.4000...@fmed.uba.ar Aug 7 15:36:11 pampa postfix/qmgr[18184]: CBCAC39C2F2: from=gher...@fmed.uba.ar, size=502, nrcpt=1 (queue active) Aug 7 15:36:11 pampa postfix/local[29893]: CBCAC39C2F2: to=mman...@fmed.uba.ar, relay=local, delay=0, status=sent (delivered to command: IFS=' ' exec /usr/bin/procmail || exit 75 #mmanoni) Aug 7 15:36:11 pampa postfix/qmgr[18184]: CBCAC39C2F2: removed See? Looks like the email is going thereBut the email is not reaching his home dir. -Procmail logs shows nothing at all (even putting VERBOSE=on). -Permissions on the dirs looks good. -Any other account is working OK. I just dont have any clue of where starting to look at... This is postfix 2.2.1 running on Suse Linux 9.3 Any ideas? Gerardo
Re: Tip: Restricting mail reception using a remote service's SPF records
Ville Walveranta wrote: Here's the completed script (the IP/CIDR extract worked perfectly -- thanks Barney!): --- #!/bin/sh ORIGINAL=/usr/local/etc/postfix/tables/client_access_maps.cidr NEW=/tmp/postfix_clients.tmp dig +short senderdomain.net TXT | grep 'v=spf1' | egrep -o 'ip4:[0-9./]+' | sed 's/^ip4://' | sed 's/$/ OK/' $NEW ORIGINAL_CK=`cksum $ORIGINAL | awk '{print $1}'` NEW_CK=`cksum $NEW | awk '{print $1}'` if [ -s $NEW ] ; then if [ $ORIGINAL_CK != $NEW_CK ] ; then cp -f $NEW $ORIGINAL postfix reload /dev/null fi fi rm $NEW exit 0 --- It works except that the Postfix refresh message (postfix/postfix-script: refreshing the Postfix mail system) is displayed despite of the attempt to redirect it to /dev/null? Any idea how I could hide it? Ville Try postfix reload 2/dev/null instead Gerardo
Re: Spam attacks
Dave Johnson wrote: Hi all Is there anyway of stopping the from j...@foo.com to j...@foo.com spam attacks? Regards Well. If you are delivering via procmail, you can have a procmail rule like this one (untested, and posibly larger than a experienced procmail user will do, but should work): SHELL=/bin/bash __TO=`formail -z -x 'To:'` __FROM=`formail -z -x 'From:'` :0fw * __TO ?? __FROM | formail -I X-From-And-To-Are-The-Same: Yes ## This will forward the mail, with a X-header that you can chase via a spamassasin rule. I will prefer this way instead of just droping the mail, cause, as many has told you, will probably block legitimate mail. HTH Gerardo
Re: Spam attacks
Paweł Leśniak wrote: W dniu 2009-03-03 17:46, Noel Jones pisze: Some people reject their own domain from outside, unauthenticated clients, but this will certainly reject some amount of legit mail. Could you write a little bit how is it possible to reject legit mail by rejecting unauthenticated clients when all users do use SASL authentication or are in my_networks? Pawel Lesniak Well, some ppl can configure to use their @myhost email, via, lets say @yahoo smtp. This is a legit mail that will be rejected.
throtling / queue management system
Hi all. Im want something for throtling msgs, say if user X sends more than 10 emails/minute, then requeue next msgs from user X with some lower priority. Policyd is not bad, but it rejects emails when the limit is reached. Anyone knows an application like this? Will involve hacking/patching postfix code? Thanks! Gerardo
spammers using my mailserver trough webmai
Hi all. Im facing a ugly situation. Some spammer is using the webmail to send spam. The thing is, hes using an actual account/password (from my server)to authenticate agains the webmail, and then sending mail from UK LOTTO [EMAIL PROTECTED]...crap!! Since i have smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination This dude is authenticated, so...what can i do? Cant i restrict or check the address which is sending and forbidde those which are not of my domain? Thanks! Gerardo
Re: spammers using my mailserver trough webmai
Victor Duchovni wrote: On Thu, Dec 11, 2008 at 02:32:52PM -0300, Gerardo Herzig wrote: Hi all. Im facing a ugly situation. Some spammer is using the webmail to send spam. The thing is, hes using an actual account/password (from my server)to authenticate agains the webmail, and then sending mail from UK LOTTO i...@uklotto.com...crap!! Since i have smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination This dude is authenticated, so...what can i do? Cant i restrict or check the address which is sending and forbidde those which are not of my domain? Change the password for the compromised account. Or do you offer free sign-up? Well, yes, that an option. But seems like a partial solution. About the postfix configuration: There is anything i can do to avoid an account @uklotto (or whatever is not my domain) send mail trough my server? Crap i feel not :( Thanks for the suggestion. Gerardo
Re: spammers using my mailserver trough webmai
Terry Carmen wrote: Hi all. Im facing a ugly situation. Some spammer is using the webmail to send spam. The thing is, hes using an actual account/password (from my server)to authenticate agains the webmail, and then sending mail from UK LOTTO i...@uklotto.com...crap! I'd also recommend switching to a webmail package that doesn't allow the user to specify the from address. If this guy did it, I'm sure his friends will follow soon. Squirrelmail works nicely. Terry Oh, actually im using squirrelmail. Im going to see what i have to do with it now. Thanks! Gerardo
Re: spammers using my mailserver trough webmai
mouss wrote: Gerardo Herzig a écrit : Victor Duchovni wrote: On Thu, Dec 11, 2008 at 02:32:52PM -0300, Gerardo Herzig wrote: Hi all. Im facing a ugly situation. Some spammer is using the webmail to send spam. The thing is, hes using an actual account/password (from my server)to authenticate agains the webmail, and then sending mail from UK LOTTO i...@uklotto.com...crap!! Since i have smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination This dude is authenticated, so...what can i do? Cant i restrict or check the address which is sending and forbidde those which are not of my domain? Change the password for the compromised account. Or do you offer free sign-up? Well, yes, that an option. But seems like a partial solution. About the postfix configuration: There is anything i can do to avoid an account @uklotto (or whatever is not my domain) send mail trough my server? Crap i feel not :( smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/mysenders reject_unauth_destination ... == mysenders: example.com OK Note that this works for the envelope sender, not the From: or reply-To: headers. Oh, that sounds good to me! Thanks mouss! Gerardo
filtering outgoing emails
Hi all. Im looking a way to check outgoing mail for viruses. Im reading http://www.postfix.org/SMTPD_PROXY_README.html, and looks like what im looking for. Im at the right path? I hope so. This is for a 2000 email accounts server, 20 listing mails (some of those with 15000 users), so cant be shure if it fits into heavy or low traffic ^^ Comments and recomendations will be appreciated. Gerardo