Re: The AUTH parameter on MAIL commands
Hi Wietse, Thank you for the information. Just wonder that will Postfix support the Message Submission BURL Extension? Thanks, Jacky On 10/1/2019 8:22 PM, Wietse Venema wrote: Jacky: Hi, Want to set up a dovecot submission server and which will act as a proxy in front of a postfix server. When users deliver email via the dovecot submission proxy, it will authenticate users and deliver mail to postfix submission service. The dovecot submission service support AUTH parameter with the MAIL command (https://tools.ietf.org/html/rfc4954#section-5) and will send the parameter during the connection of the postfix submission server. But it seems that postfix ignored the parameter and treats all users as unauthenticated. Does anyone know how to configure postfix to accept the AUTH parameter? Not documented, therefore not supported. The RFC for that protocol does not require that the SMTP server uses the AUTH=sender parameter. Found doc from google search, but it is for exim only (https://www.exim.org/exim-html-current/doc/html/spec_html/ch-smtp_authentication.html#SECTauthparamail) AUTH=sender has not been necessary in Postfix so it is not yet implemented. Wietse
The AUTH parameter on MAIL commands
Hi, Want to set up a dovecot submission server and which will act as a proxy in front of a postfix server. When users deliver email via the dovecot submission proxy, it will authenticate users and deliver mail to postfix submission service. The dovecot submission service support AUTH parameter with the MAIL command (https://tools.ietf.org/html/rfc4954#section-5) and will send the parameter during the connection of the postfix submission server. But it seems that postfix ignored the parameter and treats all users as unauthenticated. Does anyone know how to configure postfix to accept the AUTH parameter? Found doc from google search, but it is for exim only (https://www.exim.org/exim-html-current/doc/html/spec_html/ch-smtp_authentication.html#SECTauthparamail) Regards, Jacky
Patch IB Driver to ISOLINUX at Rocks Installation Time
Dear all, I am wondering is it possible to add the IB driver to Rocks 5.4's initial boot sequence (isolinux)? Since I don't have Ethernet switch, but IB switch. Therefore, recognizing the IB as internal interface at installation time can be helpful. Is there any experience we can share about? Thank you very much for your valuable time! Yours Sincerely, Jacky Chan - CHAN Hoi Kei, Jacky Technical and User Support Section Information and Communication Technology Office University of Macau DL: (853) 8397 8629 | FAX: (853) 2883 5606
bounce local process consumes high CPU usage
Hi there, I'm running Postfix 2.3.3 and Redhat 5.3 ... the server daily receive 2 ~ 3 messages. And Dovecot IMAP POP3 services run on the same server. I found recently found that bounce, local, procmail and occasionally flush and smtp occupies all CPU usage and result Postfix send/receive hangs up ... By not using 'procmail -t' (soft bounce) for quota exist users, the suitation seems better. But still found local comsume high CPU when a lot of connections made at the same time. The local process cannot exist by itself. I am considering to write a script to kill such process, but wondering when I kill process like bounce, local or flush, what will be the status of the mail being processed by these process? will they resend (bounce, local and flush) or save in corrupt queue? Please advise !! Thank you very much.. Best, Jacky -- View this message in context: http://old.nabble.com/bounce---local-process-consumes-high-CPU-usage-tp27844929p27844929.html Sent from the Postfix mailing list archive at Nabble.com.
Message Size Limit Exceed
Hi all, I would like to ask if the size of message exceeds the one defined in main.cf, how can I configure Postfix to generate a bounce or error notice to user/admins? Thank you very much! Best, Jacky -- View this message in context: http://www.nabble.com/Message-Size-Limit-Exceed-tp24476172p24476172.html Sent from the Postfix mailing list archive at Nabble.com.
Re: Email in Active Queue without delivery attempts
Victor Duchovni wrote: On Tue, Jun 23, 2009 at 07:57:00PM -0700, Jacky Chan wrote: The rate_delay feature was repaired in Postfix 2.5.7. All users of this feature should be using a Postfix release with a mail_release_date after 20090305. +20090305 + + Bugfix: in the new queue manager, the _destination_rate_delay + code needed to postpone the job scheduler updates after + delivery completion, otherwise the scheduler could loop on + blocked jobs. Victor Wietse. File: qmgr/qmgr_entry.c, + qmgr/qmgr_queue.c, qmgr/qmgr_job.c. + Hi Victor, Is it confirmed that my issue caused by this bug? Best Jacky -- View this message in context: http://www.nabble.com/Email-in-Active-Queue-without-delivery-attempts-tp24177852p24179825.html Sent from the Postfix mailing list archive at Nabble.com.
Email in Active Queue without delivery attempts
Dear all, First thx for your help, I implemented a slow mail queue to yahoo in my Postfix 2.5.5 installation. I encountered this issue, some emails to yahoo queued up (just 10 message) at active queue without delivery attempt for 1280. I don't sure why cause it. So I try to manually delivery one to yahoo by myself, and this one delivery immediately and then trigger the else with 1280+ queue time in active queue to be deliverred at the slow mail queue. Before this server goes live, I tried with 1750 messages at a time to yahoo and all delivered withtout this issue for a period of 2 days. This one, the client delivered by 2 batches, 10 for each, the first batch was delivered, but after 2 minutes the second batch started but queued at active queue without delivery attempt. Please refer to the following log message. (I have NOD32 content filter installed.) The one which was successfully delivered Jun 23 17:37:53 mailgw1 postfix-esets/smtpd[20081]: 921202EDD61: client=localhost[127.0.0.1] Jun 23 17:37:53 mailgw1 postfix/cleanup[20041]: 921202EDD61: message-id=20090623093753.77b932ed...@localhost Jun 23 17:37:53 mailgw1 postfix/qmgr[1840]: 921202EDD61: from=a...@abc.om, size=2438, nrcpt=1 (queue active) Jun 23 17:37:53 mailgw1 postfix/smtp[20077]: 77B932EDD64: to=te...@yahoo.com.hk, relay=127.0.0.1[127.0.0.1]:2526, delay=0.2, delays=0.11/0/0/0.09, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 921202EDD61) Jun 23 21:44:49 mailgw1 postfix-slow/smtp[27049]: 921202EDD61: to=te...@yahoo.com.hk, relay=e.mx.mail.yahoo.com[216.39.53.1]:25, delay=14815, delays=0.09/14812/1.1/2, dsn=2.0.0, status=sent (250 ok dirdel) Jun 23 21:44:49 mailgw1 postfix/qmgr[1840]: 921202EDD61: removed The one which was queued at active queue Jun 23 17:39:27 mailgw1 postfix/smtpd[20022]: CCD7F2EDD71: client=clienta[161.64.56.21] Jun 23 17:39:27 mailgw1 postfix/cleanup[20041]: CCD7F2EDD71: message-id=20090623093927.ccd7f2ed...@mailgw1 Jun 23 17:39:27 mailgw1 postfix/qmgr[1840]: CCD7F2EDD71: from=b...@abc.com, size=2056, nrcpt=1 (queue active) Jun 23 17:39:27 mailgw1 postfix/cleanup[20080]: DD0D02EDD6C: message-id=20090623093927.ccd7f2ed...@mailgw1 Jun 23 17:39:28 mailgw1 postfix/smtp[20046]: CCD7F2EDD71: to=te...@yahoo.com.hk, relay=127.0.0.1[127.0.0.1]:2526, conn_use=3, delay=0.18, delays=0.04/0.02/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as DD0D02EDD6C) Jun 23 17:39:28 mailgw1 postfix/qmgr[1840]: CCD7F2EDD71: removed You can notice that CCD7F2EDD71 was removed and queued to DD0D02EDD6C at active queue. mailq give me this DD0D02EDD6C*2444 Tue Jun 23 17:39:27 b...@abc.com te...@yahoo.com.hk And qshape give me this [08:59:09][r...@mailgw1:~]# qshape T 5 10 20 40 80 160 320 640 1280 1280+ TOTAL 11 0 0 0 0 0 0 0 0 11 0 yahoo.com.hk 11 0 0 0 0 0 0 0 0 11 0 When I manually sent a email to te...@yahoo.com.hk (another testing account), this mail delivered. Jun 24 10:13:38 mailgw1 postfix-slow/smtp[13481]: DD0D02EDD6C: to=te...@yahoo.com.hk, relay=f.mx.mail.yahoo.com[98.137.54.237]:25, delay=59651, delays=0.07/59647/1.8/2.3, dsn=2.0.0, status=sent (250 ok dirdel) Jun 24 10:13:38 mailgw1 postfix/qmgr[1840]: DD0D02EDD6C: removed Hope anyone can help Best, Jacky -- View this message in context: http://www.nabble.com/Email-in-Active-Queue-without-delivery-attempts-tp24177852p24177852.html Sent from the Postfix mailing list archive at Nabble.com.
Performance Concerns
Hi all, I am setup Postfix 2.5 to run on Linux box with 2 x 1.2 G PIII and 1280MB RAM server. I also setup a list of firewall rules (iptables) for restricting port 25 access. In compare of own access table in Postfix, which way has better performance when the server is high-loaded? I noticed that there were some discussion on the performance of harddisk, but regarding to my assumption above, I think hard disk performance may not be the biggest factor, is that true? Best, Jacky -- View this message in context: http://www.nabble.com/Performance-Concerns-tp22698113p22698113.html Sent from the Postfix mailing list archive at Nabble.com.
Re: Postfix - Yahoo parameters settings
Ashwin Muni wrote: Can anybody help me solving this issue. I have a major setback with sendgin mails with yahoo. Is there any parameter or any rule to be followed for sending mails to yahoo and hotmail as they normally deffer our mails quite oftenly. == Mar 24 12:40:18 server1 postfix/error[10100]: 61BF3CF526: to= sandeep.ash...@yahoo.co.in, relay=none, delay=234, delays=2.5/232/0/0, dsn=4.4.2, status=deferred (delivery temporarily suspended: conversation with in32.mxauth.yahoo.com[202.86.5.24] timed out while receiving the initial server greeting) Mar 24 12:44:32 suk1 postfix/error[13232]: 92ACACF691: to= doulasdatj...@yahoo.co.in, relay=none, delay=0.42, delays=0.42/0/0/0, dsn=4.4.2, status=deferred (delivery temporarily suspended: conversation with in32.mxauth.yahoo.com[202.86.5.24] timed out while receiving the initial server greeting) Mar 24 12:44:38 suk1 postfix/error[13232]: 4D5C0CF689: to= pree...@yahoo.co.in, relay=none, delay=1.3, delays=1.3/0/0/0, dsn=4.4.2, status=deferred (delivery temporarily suspended: conversation with in32.mxauth.yahoo.com[202.86.5.24] timed out while receiving the initial server greeting) Mar 24 12:44:43 suk1 postfix/error[13232]: 41AC1CF688: to=pr...@yahoo.co.in, relay=none, delay=1.8, delays=1.8/0/0/0, dsn=4.4.2, status=deferred (delivery temporarily suspended: conversation with in32.mxauth.yahoo.com[202.86.5.24] timed out while receiving the initial server greeting) Mar 24 12:44:45 suk1 postfix/error[13232]: E5A37CF6A2: to= pri...@yahoo.co.in, relay=none, delay=1.3, delays=1.3/0/0/0, dsn=4.4.2, status=deferred (delivery temporarily suspended: conversation with in32.mxauth.yahoo.com[202.86.5.24] timed out while receiving the initial server greeting) Mar 24 12:44:48 suk1 postfix/error[13232]: 948E1CF621: to= prsd_ve...@yahoo.co.in, relay=none, delay=1.8, delays=1.8/0/0/0, dsn=4.4.2, status=deferred (delivery temporarily suspended: conversation with in32.mxauth.yahoo.com[202.86.5.24] timed out while receiving the initial server greeting) = Also i dont know why they defer our server mails Mar 24 12:44:47 suk1 postfix/smtp[10336]: 6B2F4CF5AD: host a.mx.mail.yahoo.com[67.195.168.31] said: 421 Message temporarily deferred - 4.16.51. Please refer to http://help.yahoo.com/help/us/mail/defer/defer-06.html (in reply to end of DATA command) -- Ashwin R. Hi, I asked this question before, and you may refer to the following posts http://www.nabble.com/Create-Custom-Mail-Queue-td21577217.html#a21577217 http://www.nabble.com/Defer-Retry-td21722888.html#a21722888 In short, the principle of the setting is to delay the delivery from your Postfix to yahoo. In which rate yahoo can accept. Basically, you may take the following steps as reference, 1. Create a seperate mail for the destination is yahoo, let's name it 'slow' queue (You may search in this mailling list too, someone has asked before) 2. After Postfix 2.5, set slow_destination_rate_delay for certain period of time for 'slow' In my case, I set to 300s. That's mean 5 mins per delivery to yahoo 3. Set slow_destination_concurrency_limit slow_destination_recipient_limit for 'slow' In may case, I set slow_destination_concurrency_limit = 2 slow_destination_recipient_limit = 10 4. In Postfix 2.5.5 or earlier, disable defer retry failure giving up limit for 'slow'. I my case, I set slow_concurrency_failed_cohort_limit = $slow_destination_concurrency_failed_cohort_limit slow_destination_concurrency_failed_cohort_limit = 0 From the above, the 'slow' queue delivers 10 mails per 5 mins to Yahoo. I my case, I can successfully delivery around 1700 message to Yahoo.com.hk with no defer but need to be queued up for 1 day in my server. Hope it helps. Best, Jacky -- View this message in context: http://www.nabble.com/Postfix---Yahoo-parameters-settings-tp22675231p22676835.html Sent from the Postfix mailing list archive at Nabble.com.
Does main.cf need world readable?
Hi all, I found when I set main.cf to 740, owner is root and group is postfix. [11:41:55][use...@nx1:~]# echo testing | mail -s testing root [11:41:58][use...@nx1:~]# send-mail: fatal: open /etc/postfix/main.cf: Permission denied Does main.cf need world readable? If so, the setting in main.cf will be world readable also. Why does it happen? Since man.cf should be loaded to memory when Postfix start, it should not have file access. Best, Jacky -- View this message in context: http://www.nabble.com/Does-main.cf-need-world-readable--tp22406763p22406763.html Sent from the Postfix mailing list archive at Nabble.com.
Re: Does main.cf need world readable?
Sahil Tandon wrote: On Mar 8, 2009, at 11:47 PM, Jacky Chan wrote: I found when I set main.cf to 740, owner is root and group is postfix. [11:41:55][use...@nx1:~]# echo testing | mail -s testing root [11:41:58][use...@nx1:~]# send-mail: fatal: open /etc/postfix/main.cf: Permission denied Does main.cf need world readable? If so, the setting in main.cf will be world readable also. Why does it happen? Since man.cf should be loaded to memory when Postfix start, it should not have file access. You are running the Postfix sendmail(1) command neither as 'root' nor as 'postfix'; but instead, as 'user01'. If you want to submit mail to Postfix this way, do you see why 740 is incorrect? -- Sahil Tandon sa...@tandon.net Thx !! Obviously, user01 cannot read main.cf which is 740 premission. But how come user01 run sendmail either as root or postfix at command line? Simply speaking, send email by mail command at console. Thx!! Best, Jacky -- View this message in context: http://www.nabble.com/Does-main.cf-need-world-readable--tp22406763p22407130.html Sent from the Postfix mailing list archive at Nabble.com.
Defer Retry
Hi all, I implemented slow transport with delay of 5 mins in Postfix 2.5, when my client send a lot of messages at a time, I notice that Postfix active queued queued most of this messages. A symptom occurs when one of the slow transport destination MX temporarly defered the current processing messages in the active queue, the rest of the pending messages will directly be deferred. Is there any default cache setting been enabled? How can I prevent this from happening and thus to force the rest of the messages in the active queue to try deliver by trying another MX hosts of that slow transport destination. Thx. Best regards, Jacky -- View this message in context: http://www.nabble.com/Defer-Retry-tp21722888p21722888.html Sent from the Postfix mailing list archive at Nabble.com.
Re: Defer Retry
[216.39.53.3] refused to talk to me: 421 Message from (161.64.2.15) temporarily deferred - 4.16.50. Please refer to http://help.yahoo.com/help/us/mail/defer/defer-06.html) Jan 30 09:09:35 mailgw1 postfix/error[15341]: B10952EDE00: to=jacky1128...@yahoo.com.hk, relay=none, delay=4.2, delays=0.1/4/0/0.12, dsn=4.0.0, status=deferred (delivery temporarily suspended: host c.mx.mail.yahoo.com[216.39.53.3] refused to talk to me: 421 Message from (161.64.2.15) temporarily deferred - 4.16.50. Please refer to http://help.yahoo.com/help/us/mail/defer/defer-06.html) Victor Duchovni wrote: On Thu, Jan 29, 2009 at 12:47:42AM -0800, Jacky Chan wrote: Hi all, I implemented slow transport with delay of 5 mins in Postfix 2.5, when my client send a lot of messages at a time, I notice that Postfix active queued queued most of this messages. A symptom occurs when one of the slow transport destination MX temporarly defered the current processing messages in the active queue, the rest of the pending messages will directly be deferred. Is there any default cache setting been enabled? How can I prevent this from happening and thus to force the rest of the messages in the active queue to try deliver by trying another MX hosts of that slow transport destination. With Postfix 2.5: slow_destination_concurrency_failed_cohort_limit = 0 to turn off dead-destination detection entirely. Or slow_destination_concurrency_failed_cohort_limit = 10 to require 10 consecutive failures to declare the destination dead. http://www.postfix.org/SCHEDULER_README.html Warning, the above tdocument contains advanced material. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly. -- View this message in context: http://www.nabble.com/Defer-Retry-tp21722888p21739964.html Sent from the Postfix mailing list archive at Nabble.com.
Re: Defer Retry
/us/mail/defer/defer-06.html) Jan 30 11:22:22 mailgw1 postfix-slow/smtp[16498]: 78DBD2EDD1A: to=jacky1128...@yahoo.com.hk, relay=g.mx.mail.yahoo.com[206.190.53.191]:25, delay=560, delays=0.14/514/ 46/0, dsn=4.0.0, status=deferred (host g.mx.mail.yahoo.com[206.190.53.191] refused to talk to me: 421 Message from (161.64.2.15) temporarily deferred - 4.16.50. Please refer to http://help.yahoo.com/help/us/mail/defer/defer-06.html) Jan 30 11:22:23 mailgw1 postfix-slow/smtp[16498]: 78DBD2EDD1A: to=jacky1128...@yahoo.com.hk, relay=g.mx.mail.yahoo.com[206.190.53.191]:25, delay=560, delays=0.14/514/ 46/0, dsn=4.0.0, status=deferred (host g.mx.mail.yahoo.com[206.190.53.191] refused to talk to me: 421 Message from (161.64.2.15) temporarily deferred - 4.16.50. Please refer to http://help.yahoo.com/help/us/mail/defer/defer-06.html) Jan 30 11:22:23 mailgw1 postfix/qmgr[16150]: qmgr_queue_throttle: queue yahoo.com.hk: limit 1 window 0 success 0 failure 0 fail_cohorts 1 == The above shows fail_cohorts 1 , I think it reach the default value == == I have restarted Postfix, it seems even I put in master.cf slow unix - - n - 1 smtp -o syslog_name=postfix-slow -o smtp_helo_timeout=10 -o default_destination_concurrency_failed_cohort_limit=0 or in main.cf slow_destination_concurrency_failed_cohort_limit = 0 Doesn't take effect but follows the default value instead. == Jan 30 11:22:23 mailgw1 postfix/qmgr[16150]: qmgr_queue_unthrottle: queue yahoo.com.hk: limit 1 window 1 success 0 failure 0 fail_cohorts 0 Jan 30 11:22:23 mailgw1 postfix/error[16506]: 9C3E92EDD15: to=jacky11287...@yahoo.com.hk, relay=none, delay=560, delays=0.05/560/0/0.04, dsn=4.0.0, status=deferred (d elivery temporarily suspended: host g.mx.mail.yahoo.com[206.190.53.191] refused to talk to me: 421 Message from (161.64.2.15) temporarily deferred - 4.16.50. Please ref er to http://help.yahoo.com/help/us/mail/defer/defer-06.html) Jan 30 11:22:23 mailgw1 postfix/error[16507]: 9CC042EDD1C: to=jacky11287...@yahoo.com.hk, relay=none, delay=560, delays=0.11/560/0/0.06, dsn=4.0.0, status=deferred (d elivery temporarily suspended: host g.mx.mail.yahoo.com[206.190.53.191] refused to talk to me: 421 Message from (161.64.2.15) temporarily deferred - 4.16.50. Please ref er to http://help.yahoo.com/help/us/mail/defer/defer-06.html) Jan 30 11:22:23 mailgw1 postfix/error[16508]: C6ACB2EDD20: to=jacky11287...@yahoo.com.hk, relay=none, delay=560, delays=0.1/560/0/0.05, dsn=4.0.0, status=deferred (de livery temporarily suspended: host g.mx.mail.yahoo.com[206.190.53.191] refused to talk to me: 421 Message from (161.64.2.15) temporarily deferred - 4.16.50. Please refe r to http://help.yahoo.com/help/us/mail/defer/defer-06.html) Jan 30 11:22:23 mailgw1 postfix/error[16511]: C416B2EDD1B: to=jacky11287...@yahoo.com.hk, relay=none, delay=560, delays=0.2/560/0/0.09, dsn=4.0.0, status=deferred (de livery temporarily suspended: host g.mx.mail.yahoo.com[206.190.53.191] refused to talk to me: 421 Message from (161.64.2.15) temporarily deferred - 4.16.50. Please refe r to http://help.yahoo.com/help/us/mail/defer/defer-06.html) Jan 30 11:22:23 mailgw1 postfix/error[16506]: 9C3E92EDD15: to=jacky1128...@yahoo.com.hk, relay=none, delay=561, delays=0.05/560/0/0.13, dsn=4.0.0, status=deferred (de livery temporarily suspended: host g.mx.mail.yahoo.com[206.190.53.191] refused to talk to me: 421 Message from (161.64.2.15) temporarily deferred - 4.16.50. Please refe r to http://help.yahoo.com/help/us/mail/defer/defer-06.html) Victor Duchovni wrote: On Thu, Jan 29, 2009 at 05:52:09PM -0800, Jacky Chan wrote: Thx, I did postfix reload. How do I verify the _failed_cohort_limit = 0 is been taking effect since postconf doesn't show self-defined transport parameter. Just make sure postconf default_destination_concurrency_failed_cohort_limit does produce the default value. Restart Postfix. If the issue persists, turn on: destination_concurrency_feedback_debug = yes and report the (logged) results. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly. -- View this message in context: http://www.nabble.com/Defer-Retry-tp21722888p21740901.html Sent from the Postfix mailing list archive at Nabble.com.
Message Count on an IP
Hi all, May I know in Postfix, how can I retrieve the messages count on an IP over defined period of time? Because I want to implement the policy control over that IP, to control, let's say can only send mail 100 emails over 3600 seconds. And as I searched this mailling list, some users suggest policyd, but a database is needed, may I know any Postfix itself can do it or not? or just third party software does? Thx. Best regards, Jacky -- View this message in context: http://www.nabble.com/Message-Count-on-an-IP-tp21720576p21720576.html Sent from the Postfix mailing list archive at Nabble.com.
Re: Create Custom Mail Queue
Victor Duchovni wrote: On Wed, Jan 21, 2009 at 09:45:08AM +0100, Ralf Hildebrandt wrote: * Jacky Chan jac...@wkg1.umac.mo: Dear all, Can I create custom mail queue in /var/spool/postfix to hold the mails for specific detinsation and schedule to deliver one by one for period of time, let's say 2 mins. That's not needed. Create a custom transport for the destination. Then use nameofcustomtransport_destination_rate_delay = 120s Requires Postfix 2.5 or later: http://www.postfix.org/postconf.5.html#default_destination_rate_delay -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly. If slow_destination_rate_delay = 5s and slow_destination_concurrency_limit = 2, and with slow_destination_recipient_limit 1, how does slow_destination_rate_delay and slow_destination_concurrency_limit affect each other if there are 10 mails send to the same doamin? -- View this message in context: http://www.nabble.com/Create-Custom-Mail-Queue-tp21577217p21593751.html Sent from the Postfix mailing list archive at Nabble.com.
Re: Upon IP address, restrict sending destination.
Magnus Bäck wrote: On Tuesday, January 20, 2009 at 03:33 CET, Jacky Chan jac...@wkg1.umac.mo wrote: Yeap, I finally got your idea. And I don't expect that is such easy to configure. Indeed for mynetwork parameter, I do have a list of IP to be restricted so I want it to be located on an external file but not in main.cf As advised by Magnus, how do I create the external iplist.cidr # main.cf mynetworks = cidr:/etc/postfix/iplist.cidr # /etc/postfix/iplist.cidr !192.168.1.1 !192.168.1.2 192.168.1.3 !192.168.0.0/16 In iplist.cidr, how about I don't supply the result, such as OK or REJECT? Is that OK? No, see cidr_table(5). You'll also note that the manual page doesn't say anything about using ! for negation, and that's because it's a special feature of mynetworks. Just drop the cidr: on the mynetworks line. [...] -- Magnus Bäck mag...@dsek.lth.se In summary, the configuration involved # main.cf mynetworks = /etc/postfix/iplist.cidr smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination # /etc/postfix/iplist.cidr 192.168.1.0OK !192.168.2.10 192.168.2.20 REJECT 192.168.0.0REJECT But I found the two REJECT statements don't work, I still can send mail from 192.168.2.20 where the destination is in mydestination or not. I don't know whether I understand REJECT correctly or not in cidr under mynetwork (which I can REJECT in man cidr_table), what should be the result supposed to be in this case? Or I can do it at firewall level too. Best, Jacky -- View this message in context: http://www.nabble.com/Upon-IP-address%2C-restrict-sending-destination.-tp21536576p21559931.html Sent from the Postfix mailing list archive at Nabble.com.
Create Custom Mail Queue
Dear all, Can I create custom mail queue in /var/spool/postfix to hold the mails for specific detinsation and schedule to deliver one by one for period of time, let's say 2 mins. Thanks, Jacky -- View this message in context: http://www.nabble.com/Create-Custom-Mail-Queue-tp21577217p21577217.html Sent from the Postfix mailing list archive at Nabble.com.
Re: Upon IP address, restrict sending destination.
Noel Jones-2 wrote: Jacky Chan wrote: Dear All, As subject. Does the following configuration meet the subject? 192.168.1.55 and 192.168.1.56 can only send mail to subdomain1.abc.com, subdomain2.abc.com And others IP in 192.168.1.0/24 can send mail to subdomain1.abc.com, subdomain2.abc.com and outsiders, is that achieved by the following configuration? #/etc/postfix/main.cf mynetworks = hash:/etc/postfix/access smtpd_client_restrictions = check_client_access hash:/etc/postfix/access smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination smtpd_restriction_classes = local_only local_only = check_recipient_access hash:/etc/postfix/local_domains, reject # /etc/postfix/access 192.168.1.55 REJECT 192.168.1.56 REJECT 192.168.1.0/24OK # /etc/postfix/local_only subdomain1.abc.comOK subdomain2.abc.comOK No, the above will not work, there are multiple errors. Use the example I sent you earlier, and read the documentation for mynetworks I pointed out to you in the earlier mail. Feel free to ask any question you may have about using mynetworks, but don't make up your own syntax. For your stated problem you do not need smtpd_restriction_classes, nor an access map. The mynetworks parameter is intended exactly for what you have asked for. -- Noel Jones Yeap, I finally got your idea. And I don't expect that is such easy to configure. Indeed for mynetwork parameter, I do have a list of IP to be restricted so I want it to be located on an external file but not in main.cf As advised by Magnus, how do I create the external iplist.cidr # main.cf mynetworks = cidr:/etc/postfix/iplist.cidr # /etc/postfix/iplist.cidr !192.168.1.1 !192.168.1.2 192.168.1.3 !192.168.0.0/16 In iplist.cidr, how about I don't supply the result, such as OK or REJECT? Is that OK? I should have 192.168.1.1, 192.168.0.0 and 192.168. whole network not be trusted to send mail which doesn't contain in mydestination (simply speaking) And 192.168.1.3 should be trusted to send mail either in mydestination or not. Best, Jacky -- View this message in context: http://www.nabble.com/Upon-IP-address%2C-restrict-sending-destination.-tp21536576p21555930.html Sent from the Postfix mailing list archive at Nabble.com.
Restriction Upon IP
Dears, I have serveral digital senders (scanning machine) on site, which relay my Postfix 2.5 as default email gateway. From my requirment, they can only send mail to INTRANET, I need to restrict those machines from sending mails to Internet. Currently, I setup a user based restriction but with no SMTP authentication. The details is: (example) /etc/postfic/restricted_senders /@abc\.com/ local_only /a...@abc.com/ OK /etc/postfix/main.cf smtpd_recipient_restrictions = check_sender_access regexp:/etc/postfix/restricted_senders, permit_mynetworks, reject_unauth_destination smtpd_restriction_classes = local_only local_only = check_recipient_access hash:/etc/postfix/local_domains, reject /etc/postfix/local_only subdomain1.abc.comOK subdomain2.abc.comOK From the above setting, I can successfully restrict those machines from sending outside. But I would like to carify that is it the only way to identify the sender is by SMTP authentication, because not all the machine support SMTP client authentication. I am thinking, whether I can setup a restriction based on IP rather than sender because SMTP sender is not alwasy trusted. Thank you very much. -- View this message in context: http://www.nabble.com/Restriction-Upon-IP-tp21491286p21491286.html Sent from the Postfix mailing list archive at Nabble.com.
Re: Restriction Upon IP
Noel Jones-2 wrote: Jacky Chan wrote: Dears, I have serveral digital senders (scanning machine) on site, which relay my Postfix 2.5 as default email gateway. From my requirment, they can only send mail to INTRANET, I need to restrict those machines from sending mails to Internet. Currently, I setup a user based restriction but with no SMTP authentication. The details is: (example) /etc/postfic/restricted_senders /@abc\.com/ local_only /a...@abc.com/ OK /etc/postfix/main.cf smtpd_recipient_restrictions = check_sender_access regexp:/etc/postfix/restricted_senders, **DANGER** an OK in the above map makes your server a sender-based open relay. This is bad. permit_mynetworks, reject_unauth_destination smtpd_restriction_classes = local_only local_only = check_recipient_access hash:/etc/postfix/local_domains, reject /etc/postfix/local_only subdomain1.abc.comOK subdomain2.abc.comOK From the above setting, I can successfully restrict those machines from sending outside. But I would like to carify that is it the only way to identify the sender is by SMTP authentication, because not all the machine support SMTP client authentication. I am thinking, whether I can setup a restriction based on IP rather than sender because SMTP sender is not alwasy trusted. Thank you very much. Yes, it's easy to restrict relay access based on IP. The easiest way to do that is by excluding them from mynetworks http://www.postfix.org/postconf.5.html#mynetworks # main.cf mynetworks = !192.168.1.55 !192.168.1.56 192.168.1.0/24 smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination -- Noel Jones Thanks Noel. If we take the above example configuration in #main.cf for mynetworks, 192.168.1.0/24 would be able to relay, back to my starting point, can we restrict the client from 192.168.1.0/24 from sending mail to the Internet and thus make it Intranet only? Thanks in advanced. Best regards, Jacky Chan -- View this message in context: http://www.nabble.com/Restriction-Upon-IP-tp21491286p21536492.html Sent from the Postfix mailing list archive at Nabble.com.
Re: Upon IP address, restrict sending destination.
Magnus Bäck wrote: On Monday, January 19, 2009 at 05:11 CET, Jacky Chan jac...@wkg1.umac.mo wrote: As subject. Does the following configuration meet the subject? 192.168.1.55 and 192.168.1.56 can only send mail to subdomain1.abc.com, subdomain2.abc.com And others IP in 192.168.1.0/24 can send mail to subdomain1.abc.com, subdomain2.abc.com and outsiders, is that achieved by the following configuration? No. Noel has already posted a working configuration where you list the non-relaying IP addresses in mynetworks. This will allw 192.168.1.5[56] to send to all domains managed by you, but perhaps this is enough? #/etc/postfix/main.cf mynetworks = hash:/etc/postfix/access Must be: cidr:/etc/postfix/access smtpd_client_restrictions = check_client_access hash:/etc/postfix/access smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination smtpd_restriction_classes = local_only local_only = check_recipient_access hash:/etc/postfix/local_domains, reject # /etc/postfix/access 192.168.1.55 REJECT 192.168.1.56 REJECT 192.168.1.0/24OK # /etc/postfix/local_only subdomain1.abc.comOK subdomain2.abc.comOK No, this is backwards (and there's a filename mismatch -- local_domains vs. local_only). See the example at [1] but replace check_sender_access with check_client_access. Also, you probably don't want to return OK for 192.168.1.0/24. That means that all restrictions listed after your check_client_access restriction will be bypassed, and this is probably not what you want. [1] http://www.postfix.org/RESTRICTION_CLASS_README.html#external -- Magnus Bäck mag...@dsek.lth.se Hi, Magnus. Thank you very much for your advise and I changed the configuration as below. Would you mind to have a look and please point out what I missed. I highlighted the modification in BOLD. #/etc/postfix/main.cf mynetworks = cidr:/etc/postfix/access smtpd_client_restrictions = check_client_access cidr:/etc/postfix/access smtpd_recipient_restrictions = check_client_access cidr:/etc/postfix/access,permit_mynetworks, reject_unauth_destination smtpd_restriction_classes = local_only local_only = check_recipient_access hash:/etc/postfix/local_domains, reject # /etc/postfix/access 192.168.1.55 REJECT 192.168.1.56 REJECT 192.168.1.0/24RELAY # /etc/postfix/local_domains subdomain1.abc.comOK subdomain2.abc.comOK -- View this message in context: http://www.nabble.com/Upon-IP-address%2C-restrict-sending-destination.-tp21536576p21537917.html Sent from the Postfix mailing list archive at Nabble.com.
Why I set a specific transport parameter on show up?
Hi all, I would like to set a specific tranport for mail sending to yahoo, which slow it down to avoid getting greylisted. I set a dedicated transport in master.cf like slow unix - - n - 1 smtp And set the pre-transport parameters in main.cf like slow_destination_recipient_limit = 2 I would like to ask, why this configuration doesn't show up after I issue postfix reload or even restart the server? Best, Jacky -- View this message in context: http://www.nabble.com/Why-I-set-a-specific-transport-parameter-on-show-up--tp20477927p20477927.html Sent from the Postfix mailing list archive at Nabble.com.
How can setup a dedicated transport to slow down output-rate to yahoo in Postfix 2.3?
Victor Duchovni wrote: If your prorblem is output-rate or destination concurrency, you are using the wrong tool. As subject, yeap, I actually want to setup such kind of transport to avoid getting greylist from yahoo. As I know, Postfix 2.5 has destination_rate_delay, it can slow down the output-rate, right? But in Postfix 2.3, no such parameter provides, so how can it be setup? So I consider to setup a dedicated transport name: slow for yahoo Then add the following two parameters for this transport slow_destination_recipient_limit = 4 slow_desintation_concurrency_limit = 4 I would like to ask, does it enforce the following? 1. Postfix will split the messages by nrcpt (number of recipient) by 4 2. Only 4 concurrent connection will be made to yahoo at a time 3. My server will have 4 concurrent connection made to yahoo with maximun 4 nrcpt per message at a time (perhaps a second). If the above is true, do I slow down the output-rate to yahoo? Thanks, Best, Jacky -- View this message in context: http://www.nabble.com/Why-I-set-a-specific-transport-parameter-not-show-up--tp20477927p20493131.html Sent from the Postfix mailing list archive at Nabble.com.
Re: Why I set a specific transport parameter on show up?
Yes, so how can I know the user-defined parameter takes effect? Thank you mouss-2 wrote: Jacky Chan wrote: Hi all, I would like to set a specific tranport for mail sending to yahoo, which slow it down to avoid getting greylisted. why? unless you send a lot of mail, just let it go. and if you send a lot of mail, you'll ned to get whitelisted. I set a dedicated transport in master.cf like slow unix - - n - 1 smtp And set the pre-transport parameters in main.cf like slow_destination_recipient_limit = 2 I would like to ask, why this configuration doesn't show up after I issue postfix reload or even restart the server? to show up where? do you mean in postconf output? if so, no it won't. postconf only shows builtin parameters. This is a known limitation. -- View this message in context: http://www.nabble.com/Why-I-set-a-specific-transport-parameter-not-show-up--tp20477927p20493144.html Sent from the Postfix mailing list archive at Nabble.com.