Debugging the transport table
(version 2.7.0; postconf -n upon request). I'm having trouble using the transport table with a non-default server port. Specifically, I have sh...@ziskind.us:[pizza.ziskind.us]:2525 me...@crownkosher.net :[pizza.ziskind.us]:2525 the last being newly added. Results: Mar 25 08:02:11 chocolate postfix/smtp[22965]: E0BDA1E201E: to=sh...@ziskind.us, relay=pizza.ziskind.us[24.191.111.65]:2525, delay=2.7, delays=0.87/0.05/0.35/ 1.4, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 86C48A6034B) but Mar 29 17:39:28 chocolate postfix/smtp[18687]: 71E781E2981: to=me...@crownkosher.com, relay=none, delay=119, delays=98/0.04/21/0, dsn=4.4.1, status=deferred (connect to pizza.ziskind.us[24.191.111.65]:25: Connection timed out) So, the port number is not being used. I recall, on adding the first line, having some issues but forgot what I did to actually get it going. How do I debug this? Thanks!
Re: Debugging the transport table
/dev/rob0 wrote (on Thu, Mar 29, 2012 at 05:14:04PM -0500): On Thu, Mar 29, 2012 at 05:49:20PM -0400, N. Yaakov Ziskind wrote: (version 2.7.0; postconf -n upon request). I'm having trouble using the transport table with a non-default server port. Specifically, I have sh...@ziskind.us:[pizza.ziskind.us]:2525 me...@crownkosher.net :[pizza.ziskind.us]:2525 the last being newly added. Results: Mar 25 08:02:11 chocolate postfix/smtp[22965]: E0BDA1E201E: to=sh...@ziskind.us, relay=pizza.ziskind.us[24.191.111.65]:2525, delay=2.7, delays=0.87/0.05/0.35/ 1.4, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 86C48A6034B) but Mar 29 17:39:28 chocolate postfix/smtp[18687]: 71E781E2981: to=me...@crownkosher.com, relay=none, delay=119, delays=98/0.04/21/0, dsn=4.4.1, status=deferred (connect to pizza.ziskind.us[24.191.111.65]:25: Connection timed out) So, the port number is not being used. I recall, on adding the first line, having some issues but forgot what I did to actually get it going. How do I debug this? Based on the information here, I would guess that you forgot to postmap your transport_maps file. That's really all I can guess. But that should have given you warnings in the logs, so it's strange you didn't see those when you retrieved the above lines. Alas, I wish: # l -ltr total 672 [snip] -rwxr--r-- 1 root root 10111 2012-03-29 17:17 transport* -rwxr--r-- 1 root root 12288 2012-03-29 17:17 transport.db* -- _ Nachman Yaakov Ziskind, FSPA, LLM aw...@ziskind.us Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
Re: Debugging the transport table
Noel Jones wrote (on Thu, Mar 29, 2012 at 06:39:34PM -0500): On 3/29/2012 4:49 PM, N. Yaakov Ziskind wrote: (version 2.7.0; postconf -n upon request). I'm having trouble using the transport table with a non-default server port. Specifically, I have ... me...@crownkosher.net :[pizza.ziskind.us]:2525 .NET ... but Mar 29 17:39:28 chocolate postfix/smtp[18687]: 71E781E2981: to=me...@crownkosher.com, relay=none, delay=119, delays=98/0.04/21/0, dsn=4.4.1, status=deferred (connect to pizza.ziskind.us[24.191.111.65]:25: Connection timed out) .COM Not so big a mystery after all. -- Noel Jones :facepalm: You're right, of course. /runs for more caffeine Thanks! -- _ Nachman Yaakov Ziskind, FSPA, LLM aw...@ziskind.us Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
Avoiding Domain not found errors
A particular mailer, slightly broken, cannot send mail to a postfix (2.7.0) box: Feb 5 08:51:16 pizza postfix/smtpd[30453]: NOQUEUE: reject: RCPT from chocolate .egps.com[38.119.130.7]: 450 4.1.8 nob...@vps.jewishwomansonlinecalendar.com: Sender address rejected: i Domain not found; from=nob...@vps.jewishwomansonlinecalendar.com to=sample@domain.example proto=ESMTP helo=chocolate.egps.com Where the sample@domain.example is a valid address on the local machine. What's the easiest to let this mail through? I tried adding the domain to /var/spool/postfix/etc/hosts, and it didn't help. Thanks!
Re: Avoiding Domain not found errors
DN Singh wrote (on Wed, Feb 08, 2012 at 10:50:50AM +0530): The setting can be changed in the parameter smtpd_sender_restrictions reject_unknown_sender_domain, if it is necessary. That would let in *all* mail from nonexistent domains, which I was hoping to avoid. Postfix looks up the the domain, and if it does not find any info, it rejects the mail. Anyways, the domain in the mail is indeed non-existent. But it's a subdomain of a valid domain, and it's a useful email .. What's the easiest way to let this email from this one sender through? On Wed, Feb 8, 2012 at 9:45 AM, N. Yaakov Ziskind aw...@ziskind.us wrote: A particular mailer, slightly broken, cannot send mail to a postfix (2.7.0) box: Feb 5 08:51:16 pizza postfix/smtpd[30453]: NOQUEUE: reject: RCPT from chocolate .egps.com[38.119.130.7]: 450 4.1.8 nob...@vps.jewishwomansonlinecalendar.com: Sender address rejected: i Domain not found; from=nob...@vps.jewishwomansonlinecalendar.com to=sample@domain.example proto=ESMTP helo=chocolate.egps.com Where the sample@domain.example is a valid address on the local machine. What's the easiest to let this mail through? I tried adding the domain to /var/spool/postfix/etc/hosts, and it didn't help. Thanks!
Whitelisting a domain
I'm getting errors like this from one particular sender: Oct 19 13:54:13 pizza postfix/smtpd[31372]: NOQUEUE: reject: RCPT from chocolate.egps.com[38.119.130.7]: 450 4.1.8 nob...@vps.mydomain.com: Sender address rejected: Domain not found; from=nob...@vps.mydomain.com to=sh...@ziskind.us proto=ESMTP helo=chocolate.egps.com where the capitalized domain name has been munged. I'd like these email to get through. (Apparently, MYDOMAIN.com is a real domain, but vps.MYDOMAIN.com isn't.) I tried putting vps.MYDOMAIN.com into DNS in the postfix box, but that didn't help (perhaps I didn't do it right?) So, how can I whitelist this domain? (postconf -n output found at http://www.ziskind.us/postconf.out) Thanks!
Re: postfix as forwarder and backscatterer problem
In my experience, ALL the NDRs I've ever seen are useless - if mail is bad, it should be REJECTed, otherwise the system is breaking down somewhere. Is there a way to just drop bounces on the floor? Vasya Pupkin wrote (on Thu, Jul 22, 2010 at 06:52:22PM +0400): You of course understand that this is not possible, right? On Thu, Jul 22, 2010 at 6:50 PM, Wietse Venema wie...@porcupine.org wrote: Vasya Pupkin: I'm doing best I can to fight spam. Then you will have to predict what mail will be rejected down-stream. Let me know when you solve that problem :-) Wietse that pierced through all filters. There is no 100% way to detect spam and you know that. So, some percentage will still go through and will be forwarded, and possibly rejected, causing bounce to be generated. On Thu, Jul 22, 2010 at 6:27 PM, Wietse Venema wie...@porcupine.org wrote: Vasya Pupkin: Hello. First, I have spent two days reading articles and searching web for solution but failed there. I am using postfix as an mx for my domains, it accpets mail for different addresses withing my domains which is then forwarded to other external domains, i.e. google.com and other mail services. Mail for unknown users is rejected, many other check are performed, but still sometimes my system acts as a backscatterer when something like this happens: 1. Incoming mail passes all tests, it's coming to one of the addresses within my domain, i.e. existing-u...@mydomain.tld 2. Postfix then forwards mail to external domain, i.e. myem...@mailservice.tld 3. For some reason mailservice.tld rejects this mail, i.e. it doesn't like it's content or size. 4. Postfix then bounces mail to sender, which can be forged, and thus, becoming a backscatterer. Is there any way to prevent postfix from sending bounces anywhere? The best conutermeasure is not to forward spam. The second-best solution requires the ability to predict if a specific message will be rejected down-stream. Let me know when you solve that, so I can add it to Postfix. ? ? ? ?Wietse -- _ Nachman Yaakov Ziskind, FSPA, LLM aw...@ziskind.us Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
Re: postfix as forwarder and backscatterer problem
Sometimes the downstream MX has a 'special cookbook' of super secret anti-spam body checks, and you will always have this problem. Vasya Pupkin wrote (on Thu, Jul 22, 2010 at 06:37:26PM +0400): It is already as restrictive as possible and acceptable for me. I do not want to loose any non-spam mail as well, so I am not going insane adding network block based rbl domains, but I am using most reliable rbl domains, including zen.spamhaus.org, bl.spamcop.net, cbl.abuseat.org, b.barracudacentral.org, and some more, and some Postfix internal check including reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, and some more. On Thu, Jul 22, 2010 at 6:28 PM, Mikael Bak mik...@t-online.hu wrote: Vasya Pupkin wrote: Hello. First, I have spent two days reading articles and searching web for solution but failed there. I am using postfix as an mx for my domains, it accpets mail for different addresses withing my domains which is then forwarded to other external domains, i.e. google.com and other mail services. Mail for unknown users is rejected, many other check are performed, but still sometimes my system acts as a backscatterer when something like this happens: 1. Incoming mail passes all tests, it's coming to one of the addresses within my domain, i.e. existing-u...@mydomain.tld 2. Postfix then forwards mail to external domain, i.e. myem...@mailservice.tld 3. For some reason mailservice.tld rejects this mail, i.e. it doesn't like it's content or size. 4. Postfix then bounces mail to sender, which can be forged, and thus, becoming a backscatterer. Is there any way to prevent postfix from sending bounces anywhere? Hi Vasya, To be sure to not acting as a backscatter you will have to configure the front mx to be as restrictive regarding content and mail sizes as the final destination is. Otherwise you will see problems like the theese. HTH, Mikael -- _ Nachman Yaakov Ziskind, FSPA, LLM aw...@ziskind.us Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
Re: distribution issues with Postfix
Phil Howard wrote (on Thu, Jul 08, 2010 at 12:10:39PM -0400): On Thu, Jul 8, 2010 at 10:40, markus reichelt m...@mareichelt.com wrote: ALso, I can only stress what has been said already: get your distro shit together; go along with your hunch about slackware, ask slackware specific questions on a slackware mailinglist/usenet group, and post postfix problems (which you researched yourself but couldnt solve on your own) in here. If one asks How well does Postfix perform on Slackware ... on a Slackware list/forum ... better hope Jeroen isn't on that list/forum. -- sHiFt HaPpEnS! (I've installed PF on half a dozen Ubuntu boxes, with no hiccups significant enough to remember.) What I would say is that the differences between distros only involve setup and maybe maintenance, and do not involve performance, so that utlimately, what extra effort there is is only pocket change to sysadmins. Now, if someone would come forward with a claim that, PF runs 10% slower/faster etc. on RH vs. Suse, I'm sure the list maintainers would be ALL over it. -- _ Nachman Yaakov Ziskind, FSPA, LLM aw...@ziskind.us Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
Re: [OT] Detecting telnet?
Ralf Hildebrandt wrote (on Fri, Jun 11, 2010 at 09:57:42AM +0200): Administrators of sites that want to trouble-shoot connectivity issues with your server will use telnet 25 from time to time. There is no need to block this, it is by far the least likely source of any significant spam volume... Indeed. There are faster methods. Kinda reminds me of the Donald Westlake story, which described a fine-arts painter who took to counterfeiting $20s; the Secret Service let him go with a slap on the wrist, they said, when they figured out it him hours to produce each note. :-) -- _ Nachman Yaakov Ziskind, FSPA, LLM aw...@ziskind.us Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
Re: Debian argument.. postfix hostname
Jim Wright wrote (on Thu, Jun 03, 2010 at 04:47:05PM -0500): On Jun 3, 2010, at 1:36 PM, Moe wrote: My point is: When 'myhostname' and 'mydomainname' are left out of main.cf then postfix makes an attempt to auto-detect them. There's your problem. Fix that. See my original reply at the start of this thread. More than that: Debian *does* fix that. See the second message in the original link: you have to *remove* something that Debian puts in, otherwise you never experience the bug. So, the whole thing seems kinda metaphysical.
Re: Debian argument.. postfix hostname
Matt Hayes wrote (on Wed, Jun 02, 2010 at 11:48:53PM -0400): On 06/02/2010 11:44 PM, Jim Wright wrote: Failure to properly configure Postfix isn't a bug. Documentation exists for a reason, if a config doesn't work, fix the config. Don't complain because magic doesn't happen. I know nothing about debian, and can't speak to any allowanced postfix does or doesn't make on that platform. I run postfix on OS X, and don't expect the OS to provide postfix with everything it needs. Jim On Jun 2, 2010, at 9:46 PM, Matt Hayes wrote: Yes.. I know this has come up quite a bit, but on freenode in #postfix this discussion once again erupted when someone mentioned a bug in postfix and referencing this: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=214741 Now, I'm not all that bright on how postfix sorts out the hostname, and frankly, I don't care, but I don't like people saying its a 'bug' when I have no problems following configuration directives. Can someone PLEASE explain this in clear terms as to what they are complaining about? Confused, -Matt I don't disagree with yo uat all. I use Slackware personally and install from source when I do my installations/upgrades with postfix. Just wanted input on this as it is quite frustrating when I KNOW It isn't a bug because it appears the Debian folks are the only ones I see reporting it. -Matt I use Ubuntu, not Debian, but I read the bug and it appears to depend upon Debian-specific behavior. Further, Mike Paul mentions that Debian works around the unexpected behavior, so that there are much real-world consequences. In fact, to make the bug happen, you have to take affirmative steps to break the Postfix install. So ... yawn. -- _ Nachman Yaakov Ziskind, FSPA, LLM aw...@ziskind.us Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
Re: Delayed email after leaving my server?
Matt Hayes wrote (on Wed, May 19, 2010 at 12:49:43PM -0400): On 5/19/2010 1:03 PM, Josh Cason wrote: I don't know how to explain this. Have you guys every heard of a problem were email is sent to another server and go stray for hours before being delivered? The only network I had problems on was verizion text message. You send a text msg from your e-mail and it goes into the verizion server. Then sometimes through the day. The person gets it. I just don't know were to start because the e-mail message has left my server and out of my hands. Thanks, Josh Josh, You said it! If their server accepts it (200 OK) and they take it off your hands, you can't control any delays once its left your system. Tell Verizon to get better admins ;) -Matt Actually, the problem is not bad admin, but fiscal. They want you to communicate via SM$, rather than email. i -- _ Nachman Yaakov Ziskind, FSPA, LLM aw...@ziskind.us Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
Re: timeout problem on inbound and outbound SMTP
Noel Jones wrote (on Tue, May 04, 2010 at 02:33:48PM -0500): On 5/4/2010 2:16 PM, Charles Gregory wrote: On Tue, 4 May 2010, Nataraj wrote: Enclosed is a tcpdump of a telnet connection where nothing was typed, i.e. I telnetted to the smtp server and 5 seconds later the server closed the connection. THIS IS NORMAL. As I said previously, type the MAIL FROM, RCPT TO, and DATA commands, send a couple of ilnes, THEN wait and time the timeout. How about those logs showing a complete mail 'life cycle'? - C No, it's not normal. When you telnet to a postfix smtpd, postfix will sit there patiently for $smtpd_timeout before it disconnects if you don't type anything. The described behavior suggests smtpd_timeout is set for 4s, but that parameter isn't in the postconf or master.cf shown to the list. I don't think there's anything else we can do for the OP. -- Noel Jones If the timeout is really set to 4s, can it be overriden in master.cf? Wouldn't that be a useful workaround, or at least a diagnostic? Thanks.
Re: postfix smtp_loop() breaks SMTP
Victor Duchovni wrote (on Thu, Apr 22, 2010 at 01:28:24AM -0400): Also, at this point, with Postfix driving such a large share of the Internet email infrastructure, Can you, please, elucidate on this? Some numbers, perhaps, or a list of Fortune XX companies that use it? It would be useful in selling the suits. Thanks! -- _ Nachman Yaakov Ziskind, FSPA, LLM aw...@ziskind.us Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
Postfix logging to syslog
I'd like to stop postfix from scribbling to syslog.
syslog stuff from main.cf ('postconf -n' data upon request):
syslog_facility = mail
syslog_name = postfix
# grep -v # /etc/syslog.conf
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none;mail.none-/var/log/syslog
daemon.*-/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
mail.info -/var/log/mail.info
mail.warning-/var/log/mail.warn
mail.err/var/log/mail.err
news.crit /var/log/news/news.crit
news.err/var/log/news/news.err
news.notice -/var/log/news/news.notice
*.=debug;\
auth,authpriv.none;\
news.none;mail.none -/var/log/debug
*.=info;*.=notice;*.=warning;\
auth,authpriv.none;\
cron,daemon.none;\
mail.none;news.none -/var/log/messages
*.emerg *
daemon.*;mail.*;\
news.err;\
*.=debug;*.=info;\
*.=notice;*.=warning|/dev/xconsole
I'm getting full Postfix output to syslog, mail.log and mail.info.
What am I missing?
Re: Postfix logging to syslog
Sahil Tandon wrote (on Tue, Apr 27, 2010 at 11:23:22PM -0400):
On Tue, 27 Apr 2010, N. Yaakov Ziskind wrote:
I'd like to stop postfix from scribbling to syslog.
syslog stuff from main.cf ('postconf -n' data upon request):
syslog_facility = mail
syslog_name = postfix
# grep -v # /etc/syslog.conf
[ .. ]
I'm getting full Postfix output to syslog, mail.log and mail.info.
What am I missing?
Assuming you did not make any mistakes while editing syslog.conf, did
you restart syslogd(8) after making the changes? Postfix simply logs to
the mail facility; how syslogd(8) handles this is not a Postfix issue.
--
Sahil Tandon sa...@freebsd.org
yes, with /etc/init.d/sysklogd restart; I also HUPed the only process,
'rsyslogd -c4', to come out of 'ps ax|grep log'.
also, at some point, I had made other changes which caused postfix to
also write to messages; then I backed them out, and those messages
stopped.
--
_
Nachman Yaakov Ziskind, FSPA, LLM aw...@ziskind.us
Attorney and Counselor-at-Law http://ziskind.us
Economic Group Pension Services http://egps.com
Actuaries and Employee Benefit Consultants
Re: Postfix logging to syslog
Sahil Tandon wrote (on Wed, Apr 28, 2010 at 12:02:34AM -0400): On Tue, 27 Apr 2010, N. Yaakov Ziskind wrote: Sahil Tandon wrote (on Tue, Apr 27, 2010 at 11:23:22PM -0400): Assuming you did not make any mistakes while editing syslog.conf, did you restart syslogd(8) after making the changes? Postfix simply logs to the mail facility; how syslogd(8) handles this is not a Postfix issue. yes, with /etc/init.d/sysklogd restart; I also HUPed the only process, 'rsyslogd -c4', to come out of 'ps ax|grep log'. You are aware that rsyslogd != sys(k)logd, right? -- Sahil Tandon sa...@freebsd.org In the interest of clarity, system is running Ubuntu Lucid, and there is no syslogd on the system (except /etc/default/syslogd), only sysklogd, which seems to be its replacement. -- _ Nachman Yaakov Ziskind, FSPA, LLM aw...@ziskind.us Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
OT: Re: [mailer-dae...@doctor.nl2k.ab.ca: Postfix SMTP server: errors from idcmail-mo2no.shaw.ca[64.59.134.9]]
Perhaps you missed this in prior email: - Send non-verbose logging. - Send logging that covers an entire message life cycle from the SMTP port to final delivery. Wietse It never ceases to amaze me, how really bright people (and I'm assuming everyone on this list has an IQ above the national average) fail to follow directions (myself included). -- _ Nachman Yaakov Ziskind, FSPA, LLM aw...@ziskind.us Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
Re: Strange Bounce
Charles Marcus wrote (on Fri, Apr 24, 2009 at 05:51:51AM -0400): On 4/24/2009, Vince Sabio (vi...@vjs.org) wrote: I'd rather not post information like that _pro forma_; if there's some subset of that information that might be of help in diagnosing this issue, then I'd be happy to post it. I realize that my reluctance to post the entire data set might limit the likelihood of getting to the bottom of this error. It will not just limit it, it will probably cause most everyone to totally ignire you. Oh... and its also extraordinarily silly... what exactly do you think you are protecting by refusing to post it? Perhaps his reluctance stems not from disclosing it, but from having it sit in archives forever, waiting to be scraped. With that in mind, would the denizens of this list mind posters supplying links to the necessary info, said links to vanish when the thread is over? That's what I'd like to do.
Re: SMTPD segfaults on startup
Wietse Venema wrote (on Fri, Apr 24, 2009 at 02:28:12PM -0400): N. Yaakov Ziskind: Uh-oh. Just upgraded a Ubuntu box to the latest and greatesti (jaunty jackelope), and postfix is dying all over the place: Apr 24 14:06:25 chocolate postfix/smtpd[5176]: connect from unknown[unknown] Apr 24 14:06:25 chocolate postfix/smtpd[5176]: lost connection after CONNECT from unknown[unknown] Apr 24 14:06:25 chocolate postfix/smtpd[5176]: disconnect from unknown[unknown] Apr 24 14:06:25 chocolate kernel: [ 1895.725677] smtpd[5176]: segfault at b0d12950 eip b7c560b0 esp bfd1241c error 6 Apr 24 14:06:25 chocolate postfix/master[5141]: warning: process /usr/lib/postfix/smtpd pid 5176 killed by signal 11 Apr 24 14:06:25 chocolate postfix/master[5141]: warning: /usr/lib/postfix/smtpd:bad command startup -- throttling and on and on. How in the heck did I manage to shoot myself in the foot? DLL hell. Typical causes are: - Mixing different versions of Berkeley DB, OpenSSL, SASL, etc. For example, Postfix was built with version X, but nsswitch.conf functions are built with version Y. An investigation with ldd usually shows what the discrepancy is. Wietse Oh? I don't know what I'm looking at: # ldd smtpd linux-gate.so.1 = (0xb7f3e000) libpostfix-master.so.1 = /usr/lib/libpostfix-master.so.1 (0xb7f2f000) libpostfix-tls.so.1 = /usr/lib/libpostfix-tls.so.1 (0xb7f2) libpostfix-dns.so.1 = /usr/lib/libpostfix-dns.so.1 (0xb7f19000) libpostfix-global.so.1 = /usr/lib/libpostfix-global.so.1 (0xb7ee9000) libpostfix-util.so.1 = /usr/lib/libpostfix-util.so.1 (0xb7ebc000) libssl.so.0.9.8 = /lib/i686/cmov/libssl.so.0.9.8 (0xb7e76000) libcrypto.so.0.9.8 = /lib/i686/cmov/libcrypto.so.0.9.8 (0xb7d2a000) libsasl2.so.2 = /usr/lib/libsasl2.so.2 (0xb7d11000) libdb-4.6.so = /usr/lib/libdb-4.6.so (0xb7be2000) libnsl.so.1 = /lib/tls/i686/cmov/libnsl.so.1 (0xb7bc9000) libresolv.so.2 = /lib/tls/i686/cmov/libresolv.so.2 (0xb7bb3000) libc.so.6 = /lib/tls/i686/cmov/libc.so.6 (0xb7a5) libdb-4.7.so = /usr/lib/libdb-4.7.so (0xb78fb000) libdl.so.2 = /lib/tls/i686/cmov/libdl.so.2 (0xb78f7000) libz.so.1 = /lib/libz.so.1 (0xb78e1000) libpthread.so.0 = /lib/tls/i686/cmov/libpthread.so.0 (0xb78c8000) /lib/ld-linux.so.2 (0xb7f3f000) This box is stock ubuntu, and i only use ssl, postfix and samba, so i'm wondering what i did wrong. i'm not using sasl, tls or anything other than postgrey added on. should i just remove postfix and re-install? is it safe to keep main.cf and the files i created/modified (transport, recipient_checks, whitelist, helo_access, aliases and virtual)? Thanks!
Re: SMTPD segfaults on startup
N. Yaakov Ziskind wrote (on Fri, Apr 24, 2009 at 02:37:36PM -0400): Wietse Venema wrote (on Fri, Apr 24, 2009 at 02:28:12PM -0400): N. Yaakov Ziskind: Uh-oh. Just upgraded a Ubuntu box to the latest and greatesti (jaunty jackelope), and postfix is dying all over the place: Apr 24 14:06:25 chocolate postfix/smtpd[5176]: connect from unknown[unknown] Apr 24 14:06:25 chocolate postfix/smtpd[5176]: lost connection after CONNECT from unknown[unknown] Apr 24 14:06:25 chocolate postfix/smtpd[5176]: disconnect from unknown[unknown] Apr 24 14:06:25 chocolate kernel: [ 1895.725677] smtpd[5176]: segfault at b0d12950 eip b7c560b0 esp bfd1241c error 6 Apr 24 14:06:25 chocolate postfix/master[5141]: warning: process /usr/lib/postfix/smtpd pid 5176 killed by signal 11 Apr 24 14:06:25 chocolate postfix/master[5141]: warning: /usr/lib/postfix/smtpd:bad command startup -- throttling and on and on. How in the heck did I manage to shoot myself in the foot? DLL hell. Typical causes are: - Mixing different versions of Berkeley DB, OpenSSL, SASL, etc. For example, Postfix was built with version X, but nsswitch.conf functions are built with version Y. An investigation with ldd usually shows what the discrepancy is. Wietse Oh? I don't know what I'm looking at: # ldd smtpd linux-gate.so.1 = (0xb7f3e000) libpostfix-master.so.1 = /usr/lib/libpostfix-master.so.1 (0xb7f2f000) libpostfix-tls.so.1 = /usr/lib/libpostfix-tls.so.1 (0xb7f2) libpostfix-dns.so.1 = /usr/lib/libpostfix-dns.so.1 (0xb7f19000) libpostfix-global.so.1 = /usr/lib/libpostfix-global.so.1 (0xb7ee9000) libpostfix-util.so.1 = /usr/lib/libpostfix-util.so.1 (0xb7ebc000) libssl.so.0.9.8 = /lib/i686/cmov/libssl.so.0.9.8 (0xb7e76000) libcrypto.so.0.9.8 = /lib/i686/cmov/libcrypto.so.0.9.8 (0xb7d2a000) libsasl2.so.2 = /usr/lib/libsasl2.so.2 (0xb7d11000) libdb-4.6.so = /usr/lib/libdb-4.6.so (0xb7be2000) libnsl.so.1 = /lib/tls/i686/cmov/libnsl.so.1 (0xb7bc9000) libresolv.so.2 = /lib/tls/i686/cmov/libresolv.so.2 (0xb7bb3000) libc.so.6 = /lib/tls/i686/cmov/libc.so.6 (0xb7a5) libdb-4.7.so = /usr/lib/libdb-4.7.so (0xb78fb000) libdl.so.2 = /lib/tls/i686/cmov/libdl.so.2 (0xb78f7000) libz.so.1 = /lib/libz.so.1 (0xb78e1000) libpthread.so.0 = /lib/tls/i686/cmov/libpthread.so.0 (0xb78c8000) /lib/ld-linux.so.2 (0xb7f3f000) This box is stock ubuntu, and i only use ssl, postfix and samba, so i'm wondering what i did wrong. i'm not using sasl, tls or anything other than postgrey added on. should i just remove postfix and re-install? is it safe to keep main.cf and the files i created/modified (transport, recipient_checks, whitelist, helo_access, aliases and virtual)? Thanks! To answer my own question: apt-get remove postfix ; apt-get install postfix got things running again. Thanks to all who looked at this.
Re: Suggest another server?
Roderick A. Anderson wrote (on Mon, Jan 26, 2009 at 11:22:35AM -0800): Not too clear from the subject and probably a lame idea. Situation: We have a system (MX1) that is having hardware problems. Currently they are irritations but we want to rebuild the system before it really crashes. There are actually two systems so there is back up (MX2) in case there is a failure. We created another system (MX3) and added it to the DNS records with a priority the same as MX2 and gave MX1 a really low priority hoping to slowly reduce traffic to it. It is going too slowly! So I was thinking instead of just shutting it down it would be nice to the tell the connecting systems to go to the other system then refuse to accept the mail. After a day or so shout it down. Is this possible? If so what is it called? (I'm completely at loss here for terms to search with.) Thanks, Rod -- It's really ok to just shut down MX1. Really. According to the RFCs, the clients (servers?) should just go to the others. But, if you don't like that scenario, next best is to have your firewall/router/PIX/whatever translate MX1's address, so that connections to that box *really* go to MX[2|3]. That's what I would do. -- _ Nachman Yaakov Ziskind, FSPA, LLM aw...@ziskind.us Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
Re: fatal: open file trace :Permission denied
Wietse Venema wrote (on Sun, Jan 11, 2009 at 09:04:04AM -0500): N. Yaakov Ziskind: In: DATA Out: 354 End data with CRLF.CRLF Out: 451 4.3.0 Error: queue file write error puzzling. The actual problem is logged in the MAILLOG file. Postfix does not divulge internal problem details to SMTP clients. Wietse Correct. I had posted the log errors in the first message in this thread. They got snipped, so I'll repost them: Jan 8 19:31:33 geulah postfix/bounce[10466]: fatal: open file trace AFD43439E2: Permission denied Jan 8 19:31:34 geulah postfix/cleanup[10454]: warning: AFD43439E2: trace service failure Jan 8 19:31:34 geulah postfix/cleanup[10454]: warning: AFD43439E2: trace logfile update error Jan 8 19:31:34 geulah postfix/master[9437]: warning: process /usr/lib/postfix/bounce pid 10466 exit status 1 Jan 8 19:31:34 geulah postfix/master[9437]: warning: /usr/lib/postfix/bounce: bad command startup -- throttling and then a double bounce error messsages is generated. -- _ Nachman Yaakov Ziskind, FSPA, LLM aw...@ziskind.us Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
fatal: open file trace :Permission denied
Today a message registered an unfamiliar error in postfix: Jan 7 20:10:26 geulah postfix/smtpd[2021]: connect from host67.72.248.165.conversent.net[72.248.165.67] Jan 7 20:10:28 geulah postfix/smtpd[2021]: 0C846439E2: client=host67.72.248.165.conversent.net[72.248.165.67] Jan 7 20:10:28 geulah postfix/bounce[2024]: fatal: open file trace 0C846439E2:Permission denied Jan 7 20:10:29 geulah postfix/cleanup[2023]: warning: 0C846439E2: trace service failure Jan 7 20:10:29 geulah postfix/cleanup[2023]: warning: 0C846439E2: trace logfile update error Jan 7 20:10:29 geulah postfix/master[31394]: warning: process /usr/lib/postfix/bounce pid 2024 exit status 1 Jan 7 20:10:29 geulah postfix/master[31394]: warning: /usr/lib/postfix/bounce:bad command startup -- throttling and I got a double-bounce message, which I can display if helpful. To my mind, this looks like a file system error on the Postfix (appears to be 2.0.6) box, except: a) I've verified that I can create files in the directories in /var/spool/postfix, and the disk has plenty of space; b) messages have gone by normally, before and since (hundreds of messages) and c) this message series appears three times, one for each time (3) that this particular SMTP server (client? I always get confused) tries to send this particular message. (Each time a different file name, though.) So, scratching my head, the only thing that I can think that, somehow, the message body itself is causing the filesystem to throw up. Eh?
Copy incoming email to two destinations
On an email gateway (accepting internet email and passing it on to other machines), how do I send one user's email to two different destinations? I tried with aliases, but that only appears to work with local delivery. Thanks!
Re: Copy incoming email to two destinations
Magnus Bck wrote (on Wed, Jan 07, 2009 at 06:54:55AM +0100): On Wednesday, January 07, 2009 at 06:46 CET, N. Yaakov Ziskind aw...@ziskind.us wrote: On an email gateway (accepting internet email and passing it on to other machines), how do I send one user's email to two different destinations? I tried with aliases, but that only appears to work with local delivery. Use virtual aliases (which doesn't imply virtual alias DOMAINS). http://www.postfix.org/ADDRESS_REWRITING_README.html#virtual -- Magnus Bäck mag...@dsek.lth.se Thank you!
Simple mail authentication
I have a simple (I'll post postconf -n if it would help) Postfix box that basically takes in mail and hands it off. I have one user that would like to send and receive mail from the outside. I'm ok with receiving mail, but I have to (I think) set up some authentication so that I don't become an open relay. What's the simplest way to do this? Thanks!
