Re: Why the name Postfix?

[dn]

On 28/03/2022 08.18, Viktor Dukhovni wrote:
> This sounds plausible.  As for why "Postfix" and not, say, "Platypus", I
> don't know.

A platypus?

Although Postfix could be said to identify its food-targets (incoming
SMTP) by "electrolocation", it is not a venomous creature.

If 'more' than a benign Postfix is required, then one must add filters
and policies.
(maybe some DDOS etc anti-measures would be closer to the idea of
venomous spurs on the back legs of Postfix?)

https://environment.des.qld.gov.au/wildlife/animals/a-z/platypus
-- 
Regards =dn

Re: Catch-all problem

[DN Singh]

On Thu, Oct 4, 2012 at 4:39 PM, Ram  wrote:

>
> On 10/04/2012 04:30 PM, DN Singh wrote:
>
>> Hello group,
>>
>> I want to implement a catch-all address on my system. This is a very
>> simple setup where the users are system users. Hence, the unrouted mail
>> should go to user bounce.
>> After searching documentation I implemented virtual_alias_maps. But, all
>> mails are going to the address rather than unrouted ones. Please let me
>> know what is wrong.
>>
>> The virtual file is as below:
>>
>> @sub.domain.tldbounce
>>
>>
> You will have to put all your users in the virtual_alias_maps  not just
> the "catchall"  entry
>
>
> so it will be like
>
>
> us...@sub.domain.tld  DUNNO
> us...@sub.domain.tld  DUNNO
> ..
> @sub.domain.tldbounce
>
> Thanks for the clarification guys.

Re: Force same in and outgoing ip numbers?

[DN Singh]

You can setup multiple postfix instances for each ip.
On Sep 24, 2012 9:34 PM, "Kingsquare.nl - Marc van Duivenvoorde" <
m...@kingsquare.nl> wrote:

> Hi, I've got a question. Let's say I have a machine with 4 ipnumbers,
> all of which are being used to send e-mail. Is it possible to enforce
> that whenever someone connects to smtp on one of these numbers, that
> the smtpd will use the same ip?
>
> I have a shared machine, only for one mail account I use a dedicated
> ip as it's the relayhost for my web platform. The web platform has
> local postfix instances which use relayhost and sasl authentication to
> connect to my box and send off all possible e-mail. The only thing is,
> all mail being relayed from this box has another outgoing hostname and
> ip number than the dedicated incoming one.
>
> Met vriendelijke groet,
>
> Marc van Duivenvoorde
> Kingsquare information services.
>

Re: myhostname depend on sender address, message id depend on sender address: is it possible and how to?

[DN Singh]

On Sep 22, 2012 8:16 PM, "Reindl Harald"  wrote:
>
>
>
> Am 22.09.2012 16:41, schrieb Андрей Клаус:
> > 1) At webserver postfix generates a message-id field. And it always has
the same hostname (hostname, which i
> > defined in $myhostname). I would like to have message id use domain
which will depend on sender address. So, if
> > sender address is nore...@domain1.tld, message id should look like
"Message-Id:
> > <20120921201403.E349360F3@*domain1.tld*>", and in case if sender
address is nore...@domain2.tld message id should
> > look like "Message-Id: <20120921201403.E349360F3@*domain2.tld*>". So, i
need rewrite message id depend from sender
> > address. header_checks is doing rewriting by string as i see.. Is there
any way to perform message id rewriting as
> > i want?
>
> why do you not generate the message-id in your PHP-APP instead fixing
> it after submit by postfix? solve problems where they
> are happening instead of work around him
>
Very true. It is easier to generate message-id in php. This way, OP can set
whatever message-id that he wants.

Re: Destination rate delay not working??

[DN Singh]

On Sep 11, 2012 8:43 PM, "Wietse Venema"  wrote:
>
> DN Singh:
> > We some trouble with rediff deliveries, and therefore were trying this
> > combination. While searching the archives, we found that rediff does not
> > like connection caching, and about the recipient_limit option. The rate
>
> With recipient_limit=1, the Postfix scheduler will try to deliver
> different recipents in parallel. The concurrency is limited only
> by the process limit (in master.cf) for the message delivery
> transport.
>
> You can set that process limit to 1, but that will not change how
> the rate delay works. As before, it will enforce the delay between
> deliveries for the same recipient.
>
> Wietse
Will transport_destination_concurrency work in this case? I am asking
because I had created this transport for the purpose of throttling.

Re: Destination rate delay not working??

[DN Singh]

On Tue, Sep 11, 2012 at 6:38 PM, Viktor Dukhovni  wrote:

> On Tue, Sep 11, 2012 at 04:26:07PM +0530, DN Singh wrote:
>
> > domain3_destination_rate_delay = 30s
> > domain3_destination_recipient_limit = 1
>
> This combination is unlikely to yield the results you expect.  When
> a transport's recipient limit is set to 1, its concurrency is
> measured *per-mailbox*, not per *nexthop*. In this case you get at
> most one delivery per destination mailbox per 30 seconds, but
> concurrency accross multiple recipient email addresses is bounded
> only by the transport process limit.
>
> Best to leave the recipient limit at the default 50.
>
>
We some trouble with rediff deliveries, and therefore were trying this
combination. While searching the archives, we found that rediff does not
like connection caching, and about the recipient_limit option. The rate
delay was previously added.
So, finally both the configuration ended up like this.
I removed the destination_recipient, and the delay is working as expected
now.

This means, either of the two options will have to be removed for the other
to work. New concept learned today. Thanks!!!

> --
> Viktor.
>

Re: Destination rate delay not working??

[DN Singh]

On Tue, Sep 11, 2012 at 5:43 PM, Wietse Venema  wrote:

> DN Singh:
> > > > > > What is the output from:
> > > > > >
> > > > > > postmap -q rediffmail.com hash:/etc/postfix/transport
> > > > > >
> > > > >
> > > > The command gives below output:
> > > > ==
> > > > domain3:
> > > > ==
> > >
> > > What is the output from:
> > >
> > > postconf | grep '^domain3'
>
> Is this really "domain3" or are you changing the evidence? I need
> to know what really happens (the technical problem), not your
> imagination (which is in the domain of psychology).
>
> This is what happens when I use real names.
>
> I set local_destination_rate_delay=5s, and send three messages:
>
> Sep 11 08:06:10 tail postfix/local[2565]: 3XGPwf0DYHznjbn: to=<
> wie...@localhost.porcupine.org>, orig_to=, relay=local,
> delay=0.03, delays=0.02/0.01/0/0, dsn=2.0.0, status=sent (delivered to
> mailbox)
> ...
> Sep 11 08:06:15 tail postfix/local[2565]: 3XGPwf0JR5znjbk: to=<
> wie...@localhost.porcupine.org>, orig_to=, relay=local,
> delay=5, delays=0.02/5/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
> ...
> Sep 11 08:06:20 tail postfix/local[2565]: 3XGPwf0L8zznjbl: to=<
> wie...@localhost.porcupine.org>, orig_to=, relay=local,
> delay=10, delays=0.02/10/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
>
> Same result with smtp_destination_rate_delay=5s:
>
> Sep 11 08:08:44 tail postfix/smtp[2597]: 3XGPzc0DWqznjbl: to=<
> wie...@porcupine.org>, orig_to=, 
> relay=spike.porcupine.org[168.100.189.2]:25,
> delay=0.19, delays=0.04/0/0/0.15, dsn=2.0.0, status=sent (250 2.0.0 Ok:
> queued as 3XGPzc0jwyzk2RR)
> ...
> Sep 11 08:08:49 tail postfix/smtp[2597]: 3XGPzc0WLJznjbk: to=<
> wie...@porcupine.org>, orig_to=, 
> relay=spike.porcupine.org[168.100.189.2]:25,
> delay=5.3, delays=0.04/5.2/0/0.14, dsn=2.0.0, status=sent (250 2.0.0 Ok:
> queued as 3XGPzj1rS4zk2RR)
> ...
> Sep 11 08:08:54 tail postfix/smtp[2597]: 3XGPzc0Xylznjbm: to=<
> wie...@porcupine.org>, orig_to=, 
> relay=spike.porcupine.org[168.100.189.2]:25,
> delay=11, delays=0.04/10/0/0.14, dsn=2.0.0, status=sent (250 2.0.0 Ok:
> queued as 3XGPzp2yz6zk2RR)
>
> This happens with real names, not imaginary ones.
>
> Wietse
>
I had given ALL related configuration parameters: main.cf, master.cf and
transport maps in the first mail itself. I haven't changed anything other
than the email addresses in the logs. The transport names were just chosen
randomly, since I do not believe that they would affect functioning. Your
logs do show that the delivery is indeed happening as required.

I had a doubt about concurrency. Can it be that there are multiple
connections to the destination? Although documentation suggests otherwise.

Also, since I want to be helped, why would I change the info I provide? It
would defeat the whole purpose of asking help.

Re: Destination rate delay not working??

[DN Singh]

On Tue, Sep 11, 2012 at 4:21 PM, Wietse Venema  wrote:

> Domain Singh:
> [ Charset ISO-8859-1 unsupported, converting... ]
> > On Mon, Sep 10, 2012 at 8:13 PM, DN Singh  wrote:
> >
> > >
> > > On Sep 10, 2012 7:02 PM, "Wietse Venema"  wrote:
> > > >
> > > > DN Singh:
> > > > > Sep 10 *18:15:34* hostname postfix/master[1227]: reload -- version
> > > 2.9.3,
> > > > > configuration /etc/postfix
> > > > > Sep 10 *18:15:47* hostname postfix/smtp[11163]: 03A6C4C71E4: to=<*@
> > > > > rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net
> > > [202.137.234.30]:25,
> > > >
> > > > What is the output from:
> > > >
> > > > postmap -q rediffmail.com hash:/etc/postfix/transport
> > > >
> > >
> > The command gives below output:
> > ==
> > domain3:
> > ==
>
> What is the output from:
>
> postconf | grep '^domain3'
>
> =
domain3_delivery_slot_cost = $default_delivery_slot_cost
domain3_delivery_slot_discount = $default_delivery_slot_discount
domain3_delivery_slot_loan = $default_delivery_slot_loan
domain3_destination_concurrency_failed_cohort_limit =
$default_destination_concurrency_failed_cohort_limit
domain3_destination_concurrency_limit =
$default_destination_concurrency_limit
domain3_destination_concurrency_negative_feedback =
$default_destination_concurrency_negative_feedback
domain3_destination_concurrency_positive_feedback =
$default_destination_concurrency_positive_feedback
domain3_destination_rate_delay = 30s
domain3_destination_recipient_limit = 1
domain3_extra_recipient_limit = $default_extra_recipient_limit
domain3_initial_destination_concurrency = $initial_destination_concurrency
domain3_minimum_delivery_slots = $default_minimum_delivery_slots
domain3_recipient_limit = $default_recipient_limit
domain3_recipient_refill_delay = $default_recipient_refill_delay
domain3_recipient_refill_limit = $default_recipient_refill_limit
=


> Wietse
>

Re: Destination rate delay not working??

[DN Singh]

On Sep 10, 2012 7:02 PM, "Wietse Venema"  wrote:
>
> DN Singh:
> > Sep 10 *18:15:34* hostname postfix/master[1227]: reload -- version
2.9.3,
> > configuration /etc/postfix
> > Sep 10 *18:15:47* hostname postfix/smtp[11163]: 03A6C4C71E4: to=<*@
> > rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net
[202.137.234.30]:25,
>
> What is the output from:
>
> postmap -q rediffmail.com hash:/etc/postfix/transport
>
> Are you perhaps using FILTER actions (access map, header/body_checks)
> or sender_dependent_ features? Those override Postfix routing and
> make transport_maps ineffective.
>
> Wietse
I am currently out of office, so cannot give you the output of the command.
But, we do have header check enabled to warn about subject line, because we
wanted to enable subject logging.

Re: Destination rate delay not working??

[DN Singh]

On Mon, Sep 10, 2012 at 6:09 PM, Wietse Venema  wrote:

> DN Singh:
> > I have configured rate delays for different domains, but it seems that
> > rate delays are not working. Please help me understand if there is any
>
> Wietse:
> > Please define "not working".
>
> DN Singh
> > My understanding of transport_rate_delay based on postconf manual is
> that,
> > since I have specified a rate delay of 30s for that particular
> > domain/transport, there should have been a gap of at least 30s between
> > successive deliveries to the same destination. But, the mails were
> > delivered instantly and even simultaneously in some cases.
>
> Does the problem go away after you run
>
> postmap hash:/etc/postfix/transport
> postfix reload
>
> When you run "ps ax|grep master", how many master daemons are running
> on your system?
>
> That means my understanding is correct.

I did postmap and reloaded postfix. This is what happened after that:


Sep 10 *18:15:34* hostname postfix/master[1227]: reload -- version 2.9.3,
configuration /etc/postfix
Sep 10 *18:15:47* hostname postfix/smtp[11163]: 03A6C4C71E4: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=8617, delays=8617/0.05/0.53/0.11, dsn=2.0.0, status=sent (250 ok
1347281147 qp 18145)
Sep 10 *18:15:47* hostname postfix/smtp[11155]: 7FA1F4C748B: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=2011, delays=2010/0.13/0.54/0.12, dsn=2.0.0, status=sent (250 ok
1347281146 qp 5970)
Sep 10 *18:15:47* hostname postfix/smtp[11152]: 78E6A4C7194: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=8646, delays=8645/0.01/0.54/0.32, dsn=2.0.0, status=sent (250 ok
1347281146 qp 12352)
Sep 10 *18:15:47* hostname postfix/smtp[11173]: 5350E4C77BE: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=329, delays=329/0.02/0.29/0.39, dsn=2.0.0, status=sent (250 ok
1347281147 qp 27208)
Sep 10 *18:15:47* hostname postfix/smtp[11166]: B6D9D4C7757: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=417, delays=416/0.02/0.74/0.14, dsn=2.0.0, status=sent (250 ok
1347281147 qp 21739)
Sep 10 *18:15:47* hostname postfix/smtp[11162]: 06F444C7774: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=779, delays=778/0.06/0.53/0.36, dsn=2.0.0, status=sent (250 ok
1347281147 qp 11332)
Sep 10 *18:15:47* hostname postfix/smtp[11189]: 6147E4C765C: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=2008, delays=2008/0.01/0.28/0.44, dsn=2.0.0, status=sent (250 ok
1347281147 qp 23114)
Sep 10 *18:15:47* hostname postfix/smtp[11177]: F12B24C71EE: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=1321, delays=1320/0.01/0.53/0.38, dsn=2.0.0, status=sent (250 ok
1347281147 qp 27834)
Sep 10 *18:15:47* hostname postfix/smtp[11167]: BAE464C7657: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=1951, delays=1950/0.15/0.53/0.64, dsn=2.0.0, status=sent (250 ok
1347281147 qp 12473)
-

Below is the output of "ps ax|grep master":
---
 1227 ?Ss 0:14 /usr/libexec/postfix/master
11234 pts/0R+ 0:00 grep master
---


> Wietse
>

Re: Destination rate delay not working??

[DN Singh]

On Mon, Sep 10, 2012 at 5:41 PM, Wietse Venema  wrote:

> DN Singh:
> > > > I have configured rate delays for different domains, but it seems
> that
> > > > rate delays are not working. Please help me understand if there is
> any
>
> Please define "not working".
>
My understanding of transport_rate_delay based on postconf manual is that,
since I have specified a rate delay of 30s for that particular
domain/transport, there should have been a gap of at least 30s between
successive deliveries to the same destination. But, the mails were
delivered instantly and even simultaneously in some cases.

Please correct me if I am wrong.
Thanks.

>

Wietse
>

Re: Destination rate delay not working??

[DN Singh]

On Mon, Sep 10, 2012 at 4:53 PM, Robert Schetterer wrote:

> Am 10.09.2012 13:11, schrieb DN Singh:
> > Hello List,
> >
> > I have configured rate delays for different domains, but it seems that
> > rate delays are not working. Please help me understand if there is any
> > problem in the configuration.
> >
>
> i do it like this, hope it helps
>
> master.cf
> ...
> slow  unix  -   -   n   -   -   smtp
> ...
>
> transport
>
> ...
> hotmail.com   slow:hotmail.com
> hotmail.deslow:hotmail.de
> gmx.deslow:gmx.de
> gmx.net   slow:gmx.net
> yahoo.de  slow:yahoo.de
> yahoo.com slow:yahoo.com
> aol.deslow:aol.de
> aol.com   slow:aol.com
> web.deslow:web.de
> free.fr   slow:free.fr
> t-online.de   slow:t-online.de
> gmail.com slow:gmail.com
> alice-dsl.de  slow:alice-dsl.de
> freenet.deslow:freenet.de
> versanet.de   slow:versanet.de
> online.de slow:online.de
> arcor.de  slow:arcor.de
> googlemail.com slow:googlemail.com
> google.comslow:google.com
> ---
>
> main.cf
>
> ...
> slow_destination_recipient_limit = 5
> slow_destination_rate_delay = 5s
> slow_destination_concurrency_failed_cohort_limit = 100
> slow_destination_concurrency_limit = 2
> ...
>
>
> --
> Best Regards
> MfG Robert Schetterer
>

That is a similar configuration except, you have kept all domains on same
transport. I have kept different delays for different domains. Thanks for
the help anyways.

Destination rate delay not working??

[DN Singh]

Hello List,

I have configured rate delays for different domains, but it seems that rate
delays are not working. Please help me understand if there is any problem
in the configuration.
The case in question is rediffmail.


postconf -n output
-
bounce_queue_lifetime = 0
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd
$daemon_directory/$process_name $process_id & sleep 5
default_destination_concurrency_limit = 2
disable_vrfy_command = yes
domain1_destination_rate_delay = 1s
domain2_destination_rate_delay = 10s
*domain3_destination_rate_delay = 30s*
*domain3_destination_recipient_limit = 1*
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Maildir/
html_directory = no
in_flow_delay = 1s
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = inet:localhost:20209
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.9.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.9.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_connection_cache_destinations = yahoo.co.in yahoo.com
smtp_connection_cache_on_demand = yes
smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated
smtpd_milters = inet:localhost:20209
smtpd_recipient_restrictions = reject_rhsbl_recipient rhsbl.sorbs.net,
reject_rhsbl_recipient bogusmx.rfc-ignorant.org,
reject_unknown_recipient_domain, permit_mynetworks, permit_inet_interfaces,
reject
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
-
Transport Map:
-
yahoo.com domain1:
yahoo.co.indomain1:
yahoo.indomain1:
rediffmail.com domain3:
rediff.com domain3:
hotmail.com domain1:
live.com  domain1:
-
Master.cf entries:
-
domain1   unix - -   n   -   -   smtp
domain2   unix - -   n   -   -   smtp
domain3   unix - -   n   -   -   smtp

Log sample:


Sep 10 13:29:03 hostname postfix/smtp[6906]: 51A0A4C7115: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=2.7, delays=1.1/0.01/1.3/0.25, dsn=2.0.0, status=sent (250 ok
1347263943 qp 17444)
Sep 10 13:29:04 hostname postfix/smtp[6905]: 4A5D14C7114: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[119.252.147.10]:25,
delay=3.9, delays=2/0.01/1.2/0.64, dsn=2.0.0, status=sent (250 ok
1347263944 qp 14538)
Sep 10 *13:29:31* hostname postfix/smtp[6905]: C77584C7111: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=0.94, delays=0.3/0/0.27/0.37, dsn=2.0.0, status=sent (250 ok
1347263971 qp 23985)
Sep 10 *13:29:32* hostname postfix/smtp[6906]: 829794C710A: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=3.1, delays=0.61/0/1.4/1.1, dsn=2.0.0, status=sent (250 ok 1347263971
qp 29266)
Sep 10 *13:30:01* hostname postfix/smtp[6906]: 213C34C7110: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=1.5, delays=0.3/0/0.28/0.91, dsn=2.0.0, status=sent (250 ok
1347264001 qp 32638)
Sep 10 *13:30:01* hostname postfix/smtp[6905]: BF3D64C710F: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=1.9, delays=0.3/0/1.2/0.42, dsn=2.0.0, status=sent (250 ok 1347264001
qp 12994)
Sep 10 *13:30:02* hostname postfix/smtp[6917]: 71FAA4C7111: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=2.1, delays=0.61/0.01/0.29/1.2, dsn=2.0.0, status=sent (250 ok
1347264001 qp 17101)
Sep 10 *13:30:02* hostname postfix/smtp[6905]: 9745B4C7119: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=1.1, delays=0.3/0/0.27/0.53, dsn=2.0.0, status=sent (250 ok
1347264002 qp 12485)
Sep 10 *13:30:02* hostname postfix/smtp[6906]: 7346E4C710F: to=<*@
rediffmail.com>, relay=mx.rediffmail.rediff.akadns.net[202.137.234.30]:25,
delay=1.6, delays=0.3/0/0.28/0.97, dsn=2.0.0, status=sent (250 ok
1347264002 qp 4121)
--

Please notice the simultaneous deliveries, which shouldn't have been the
case. Sorry for the lengthy mail.

Thanks in advance.

Re: high-speed postfix configuration

[DN Singh]

On Wed, Aug 29, 2012 at 6:06 PM, Stan Hoeppner wrote:

> On 8/28/2012 1:13 PM, Viktor Dukhovni wrote:
> > On Tue, Aug 28, 2012 at 11:48:19AM -0500, Stan Hoeppner wrote:
> >
> >> So maybe for this particular application a ramdisk isn't a horrible
> >> idea.  But he still has the problem of implementing parallel submission
> >> in his java application, otherwise it won't matter if it's a ramdisk or
> >> an old 3600 RPM MFM drive on an 8 bit controller.
> >
> > It should be noted that parallel submission is not a work-around
> > for Postfix per-client rate limits (the default in_flow_delay is
> > a rather soft barrier in any case).
>
> Of course.  And it should be noted that even though this is rather soft,
> the OP was tripping it and seeing a back off delay of around 6 seconds.
>
> > Rather, parallel submission
> > is a way to ammortize SMTP latency across multiple connections.
>
> > In the same time that it takes to process a single incoming message,
> > it is possible to accept multiple parallel messages. For clients
> > with a low-latency (LAN or campus network) connection to the SMTP
> > server, concurrency of ~20 connections is often sufficient to
> > saturate the server's disk bandwidth (or CPU bandwidth if moderately
> > expensive content filtering is in place).
>
> Which is why I recommended the OP do two things in his java app:
>
> 1.  Implement parallel delivery _and_
> 2.  Implement submission rate control on each thread, e.g. 20 msgs/sec
>
> > Strictly serialized SMTP submission is slow because it fails to
> > fully utilize idle CPU, network and disk cycles.
>
> Usually disk, as will be the case here once the OP gets his submission
> rate up where he wants it.  Which how we wound up talking about the
> typically insane idea of using a ramdisk for the queue. ;)
>
>
The thread seems very interesting. We use threading for concurrent
submissions, and were able to submit around 40k mails per hour on a VM. We
had 10 smtp connections with each connection pushing around 1000 mails. The
threads would work until the submission got completed.
We had to throttle it down, because we were facing delivery issues.


> --
> Stan
>
>

Re: ..::Rbl not working::..

[DN Singh]

On Tue, Aug 21, 2012 at 7:52 PM, /dev/rob0  wrote:

> On Tue, Aug 21, 2012 at 09:03:47AM -0500,
>Alfonso Alejandro Reyes Jiménez wrote:
> > I've postfix working great but I cant make the rbl works, I have
> > the configuration but when I test the configuration it seems not
> > to be working.
> >
> > I'm testing with http://www.crynwr.com/spam/ Spamhaus has that ip
> > address listed but I'm still getting those emails.
> >
> > Here's the postconf -n result:
> >
> > [root@mail ~]# postconf -n
>
> Irrelevant parts removed, possibly relevant lines here:
>
> > mynetworks = 127.0.0.0/8, 10.1.8.27/32, 10.1.8.23/32,
> > 172.16.18.101/32, 10.1.215.26/32
>
> > smtpd_recipient_restrictions =
> > permit_mynetworks,permit_sasl_authenticated,reject_rbl_client
> > zen.spamhaus.org,reject_rhsbl_sender
> > dsn.rfc-ignorant.org,reject_unauth_destination
>
> > any ideas? thanks in advance for your help.
>
> You neglected to show the logs of the acceptance of the crynwr.com
> test mail.
>
> Nevertheless, I do have a WAG for you. Test your server's ability to
> resolve records in zen.spamhaus.org.
>
> [alfonso@mail ~]$ dig 2.0.0.127.zen.spamhaus.org. any
>
> You should see among the output:
>
> ;; ANSWER SECTION:
> 2.0.0.127.zen.spamhaus.org. 300 IN  TXT "
> http://www.spamhaus.org/query/bl?ip=127.0.0.2";
> 2.0.0.127.zen.spamhaus.org. 300 IN  TXT "
> http://www.spamhaus.org/sbl/query/SBL233";
> 2.0.0.127.zen.spamhaus.org. 300 IN  A   127.0.0.4
> 2.0.0.127.zen.spamhaus.org. 300 IN  A   127.0.0.10
> 2.0.0.127.zen.spamhaus.org. 300 IN  A   127.0.0.2
>
> If you're using a nameserver external to you, such as Google Public
> DNS or any ISP's resolver, there is a very good chance that Spamhaus
> is blocking your queries.
>
> If my guess is right, you can possibly fix it by installing and using
> your own local caching resolver, i.e., BIND named(8) or other
> implementation of DNS recursion. Offer void where taxed or
> restricted, or if your number of queries puts you in excess of
> Spamhaus maximum allowed. (In that case, see about their paid
> service; well worth the small expense per mailbox.)
> --
>   http://rob0.nodns4.us/ -- system administration and consulting
>   Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
>


 I never realized that I had this issue too. But, after running the tests,
I found out that my queries were indeed blocked by spamhaus.

So, I changed the servers as pointed out and bingo, spam was successfully
being blocked.

Thanks /dev/rob0

Re: Piping mail to script

[DN Singh]

On Fri, Aug 3, 2012 at 2:29 PM, Ansgar Wiechers wrote:

> On 2012-08-03 DN Singh wrote:
> > I have a setup to receive mails for a subdomain, which is also the
> > hostname of the server. I want to use system users as mailboxes. This
> > used to work fine until I implemented catch-all address. I added an
> > entry "@domain.tld u...@domain.tld" in virtual map. But, all mails
> > went to that user.
>
> Umm... yes. This is expected behavior. Not to mention that a catch-all
> is a Really Bad Idea(tm) to begin with. What problem are you trying to
> solve by doing this?
>
> I have newsletter setup of around 4k users. I am trying to implement verp
to parse bounced email-ids. So, I need to implement catch-all setup. I have
tested the script with IMAP and am not satisfied with the result. So, I
want to test the other work-around where in, the script gets called
directly for each and every mail.
If the piping method works, I might even try other functions with different
mailboxes.

Regards
> Ansgar Wiechers
> --
> "Abstractions save us time working, but they don't save us time learning."
> --Joel Spolsky
>

Piping mail to script

[DN Singh]

Hello Group,

I have a setup to receive mails for a subdomain, which is also the hostname
of the server. I want to use system users as mailboxes. This used to work
fine until I implemented catch-all address. I added an entry "@domain.tld
  u...@domain.tld" in virtual map. But, all mails went to that
user. So, I ended up creating an entry for each and every user in virtual
map. But, this does not seem feasible since I want to use system user.
Next, I want to pipe all the unrouted mail (catch-all mechanism) to a php
script. But, I do not understand how to do this. Below is the output of
'postconf -n':

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
bounce_queue_lifetime = 1d
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
maximal_queue_lifetime = 1d
mydestination = $myhostname, localhost.$mydomain, localhost
myhostname = subdomain.domain.tld
mynetworks_style = subnet
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_client_connection_rate_limit = 100
smtpd_client_message_rate_limit = 100
smtpd_helo_restrictions = permit_mynetworks, reject_rbl_client
psbl.surriel.com, reject_rbl_client sbl-xbl.spamhaus.org
smtpd_recipient_restrictions = permit_mynetworks,
 reject_unauth_destination reject_non_fqdn_helo_hostname
reject_invalid_helo_hostname reject_unlisted_recipient
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual

Cheers

Re: DNS cache

[DN Singh]

Thank You very much for the answer. Prompt and apt as always

On Thu, Apr 5, 2012 at 8:59 PM, Wietse Venema  wrote:

> DN Singh:
> > Hello group,
> > While implementing our own DNSBL, I came across a phenomenon. Right now
> in
> > testing phase, I found that the dns queries were being cached in postfix
> > itself. I had made some changes in the dns side, and wanted them to be
> > reflected on the mta.
>
> A Postfix SMTP daemon caches successful DNS[BW]L lookup results
> TEMPORARILY in its own memory.  It terminates after being idle for
> $max_idle seconds (default 100), after serving $max_use clients
> (default: 100), or after "postfix reload".
>
> The postscreen daemon does not cache DNS lookup results. Instead,
> it saves its whitelisting decisions to a persistent database.
>
>Wietse
>

DNS cache

[DN Singh]

Hello group,
While implementing our own DNSBL, I came across a phenomenon. Right now in
testing phase, I found that the dns queries were being cached in postfix
itself. I had made some changes in the dns side, and wanted them to be
reflected on the mta.
I tried flushing the dns cache by restarting the caching nameserver. But,
the changes were reflected only after Postfix was restarted.
So, just wanted to confirm if there is any caching nameserver inside
postfix itself. If so, I'll have to consider it during the setup design.

Cheers!!!

Re: Avoiding "Domain not found" errors

[DN Singh]

The setting can be changed in the parameter "smtpd_sender_restrictions"
reject_unknown_sender_domain, if it is necessary.

Postfix looks up the the domain, and if it does not find any info, it
rejects the mail.
Anyways, the domain in the mail is indeed non-existent.

On Wed, Feb 8, 2012 at 9:45 AM, N. Yaakov Ziskind  wrote:

> A particular mailer, slightly broken, cannot send mail to a postfix
> (2.7.0) box:
>
> Feb 5 08:51:16 pizza postfix/smtpd[30453]: NOQUEUE: reject: RCPT from
> chocolate .egps.com[38.119.130.7]: 450 4.1.8
> : Sender address rejected: i
> Domain not found; from=
> to= proto=ESMTP helo=
>
> Where the sample@domain.example is a valid address on the local machine.
>
> What's the easiest to let this mail through? I tried adding the domain
> to /var/spool/postfix/etc/hosts, and it didn't help.
>
> Thanks!
>
>

Re: Pflogsumm Version 1.1.4 Released

[DN Singh]

On Wed, Feb 1, 2012 at 10:07 PM, James Seymour  wrote:

> On Wed, 1 Feb 2012 11:23:46 -0500 (EST)
> Wietse Venema  wrote:
>
> [snip]
> >
> > Thanks, Jim.
>
> You're welcome, Wietse.  And thank *you* for Postfix.
>
> Regards,
> Jim
> --
> Note: My mail server employs *very* aggressive anti-spam
> filtering.  If you reply to this email and your email is
> rejected, please accept my apologies and let me know via my
> web form at .
>

Thanks both of you for these wonderful tools... :)

Re: limiting outgoing

[DN Singh]

On Sat, Jan 14, 2012 at 1:36 PM, Robert Schetterer wrote:

> Am 14.01.2012 04:40, schrieb Benny Pedersen:
> > On Thu, 12 Jan 2012 17:31:17 +0100, Jiri Vitek wrote:
> >
> >>> slow_destination_concurrency_limit = 2
> >>> slow_destination_concurrency_limit = 2
> >
> > ymvw, only one line is needed :)
> >
> >
> >
>
> ups , yes youre right, some copy paste stuff
> thx !!!
>
> --
> Best Regards
>
> MfG Robert Schetterer
>
> Germany/Munich/Bavaria
>

Can anyone please explain "slow_destination_concurrency_failed_cohort_limit
= 100"?
I tried to figure it out, couldn't.

Re: Weird rejection

[DN Singh]

On Wed, Jan 25, 2012 at 11:39 PM, /dev/rob0  wrote:

> On Wed, Jan 25, 2012 at 12:03:22PM -0600, I wrote:
> > On Wed, Jan 25, 2012 at 11:08:30PM +0530, DN Singh wrote:
> > > Guys, I did find find the culprit, but it was not in the yahoo
> > > list, but the overall file. The entry was:
> > >
> > > ##
> > > co.inREJECT Bad domain 1868
> > > ##
> > >
> > > I guess this should reject emails like a...@co.in, and not
> > > a...@sss.co.in, right?
>
> I see that I forgot to answer your question. In the former case,
> definitely. In the latter case, given the default setting of
> parent_domain_matches_subdomains, yes also. Thus I suggest changing
> that setting as detailed further below.
>
> > > Is this comparison right?? This way, one entry of .com, will reject
> > > all mails to every .com domain. Please let me know if this true.
>
> "com" matches every .com domain. If parent_domain_matches_subdomains
> has been unset, then ".com" matches every .com domain.
>
> > http://www/postfix.org/postconf.5.html#parent_domain_matches_subdomains
> >
> > I unset that, so that if I want to match a subdomain of
>
> "Unset" here means adding to main.cf:
>
> parent_domain_matches_subdomains =
>
> I hope this is clearer now.
>
> > example.co.in, I must have an explicit ".example.co.in" pattern
> > listed.
> >
> > Rarely is this a good idea; certainly not in the case of a second-
> > level domain like co.in.
> --
>  http://rob0.nodns4.us/ -- system administration and consulting
>  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
>

Thanks rob0 for pointing that out. I will consider it for the
configuration. Also, does the access map support *.abc.com?
The case is, mails should be sent to abc.com, but not to *any* subdomain of
abc.com. I am using hash format right now. Will I have to switch to pcre
for this purpose?

Re: Weird rejection

[DN Singh]

Thank you very much guys, you're a lifesaver..

@Pierre: The script you wrote did a job of replacing, but did not replace
the file itself, and instead showed the output on screen. So, I just
redirected the output in another file, and it worked.

Guys, I did find find the culprit, but it was not in the yahoo list, but
the overall file.
The entry was:

##
co.inREJECT Bad domain 1868
##

I guess this should reject emails like a...@co.in, and not a...@sss.co.in,
right?
Is this comparison right?? This way, one entry of .com, will reject all
mails to every .com domain. Please let me know if this true.

Anyways, thanks again group.


On Wed, Jan 25, 2012 at 8:51 PM, Robert Schetterer wrote:

> Am 25.01.2012 15:59, schrieb Ralf Hildebrandt:
> > * DN Singh :
> >> Duane, I am not using sender restrictions right now, but I can
> implement it.
> >>
> >> Ralf, can you please tell me a method to append incremental numbers at
> the
> >> end of each line?
> >
> > Use a text editor?
> >
>
> with small google
>
> i found this using your reject table
>
> may not optimal but in my small test it does the job
>
> i.e
>
> nawk '{print $0 " " "reject rule", FNR}'
> test-add-number-postfix-reject-file
>
> gives something like that
>
>
> 06yahoo.co.in REJECT reject rule 1
> 078yahoo.co.in REJECT reject rule 2
> 123yahoo.co.in REJECT reject rule 3
> 1974yahoo.co.in REJECT reject rule 4
> 2003yahoo.co.in REJECT reject rule 5
> 2005yahoo.co.in REJECT reject rule 6
> 2007yahoo.co.in REJECT reject rule 7
> 212yahoo.co.in REJECT reject rule 8
> yahoo.co.in REJECT reject rule 9
> 24yahoo.co.in REJECT reject rule 10
> 27yahoo.co.in REJECT reject rule 11
> 2yahoo.co.in REJECT reject rule 12
> 332857yahoo.co.in REJECT reject rule 13
> 4yahoo.co.in REJECT reject rule 14
> 78yahoo.co.in REJECT reject rule 15
> 7yahoo.co.in REJECT reject rule 16
> 86yahoo.co.in REJECT reject rule 17
> 9yahoo.co.in REJECT reject rule 18
> ali2005yahoo.co.in REJECT reject rule 19
> ayahoo.co.in REJECT reject rule 20
> cindrellayahoo.co.in REJECT reject rule 21
> #com.yahoo.co.in REJECT reject rule 22
> gyahoo.co.in REJECT reject rule 23
> hsbcyahoo.co.in REJECT reject rule 24
> iyahoo.co.in REJECT reject rule 25
> jenayahoo.co.in REJECT reject rule 26
> lyahoo.co.in REJECT reject rule 27
> qyahoo.co.in REJECT reject rule 28
> ryahoo.co.in REJECT reject rule 29
> techbooksyahoo.co.in REJECT reject rule 30
> tyahoo.co.in REJECT reject rule 31
> uyahoo.co.in REJECT reject rule 32
> yahoo.co.inan REJECT reject rule 33
> yahoo.co.inb REJECT reject rule 34
> yahoo.co.in.br REJECT reject rule 35
> yahoo.co.inca REJECT reject rule 36
> yahoo.co.inccc REJECT reject rule 37
> yahoo.co.inccct REJECT reject rule 38
> #yahoo.co.in.co.in REJECT reject rule 39
> yahoo.co.in REJECT reject rule 40
> yahoo.co.inddd REJECT reject rule 41
> yahoo.co.indd REJECT reject rule 42
> yahoo.co.india REJECT reject rule 43
> yahoo.co.ind REJECT reject rule 44
> yahoo.co.inet REJECT reject rule 45
> yahoo.co.inff REJECT reject rule 46
> yahoo.co.inf REJECT reject rule 47
> yahoo.co.inggg REJECT reject rule 48
> yahoo.co.ingg REJECT reject rule 49
> yahoo.co.ing REJECT reject rule 50
> yahoo.co.inhhd REJECT reject rule 51
> yahoo.co.inh REJECT reject rule 52
> #yahoo.co.in.in REJECT reject rule 53
> yahoo.co.ini REJECT reject rule 54
> yahoo.co.injjdd REJECT reject rule 55
> yahoo.co.inm REJECT reject rule 56
> yahoo.co.inne REJECT reject rule 57
> yahoo.co.in REJECT reject rule 58
> yahoo.co.i REJECT reject rule 59
> yahoo.co.innn REJECT reject rule 60
> yahoo.co.inn REJECT reject rule 61
> yahoo.co.ino REJECT reject rule 62
> yahoo.co.inp REJECT reject rule 63
> yahoo.co.ins REJECT reject rule 64
> yahoo.co.in.uk REJECT reject rule 65
> yahoo.co.inu REJECT reject rule 66
> yahoo.co.inuu REJECT reject rule 67
> yahoo.comin REJECT reject rule 68
> --
> Best Regards
>
> MfG Robert Schetterer
>
> Germany/Munich/Bavaria
>

Re: Weird rejection

[DN Singh]

On Wed, Jan 25, 2012 at 7:40 PM, Duane Hill  wrote:

> On Wednesday, January 25, 2012 at 13:41:54 UTC, 
> dnsingh.dns@gmail.comconfabulated:
>
> > Duane, I am not using sender restrictions right now, but I can implement
> it.
>
> > Ralf, can you please tell me a method to append incremental numbers at
> the
> > end of each line? I need to do it as you pointed out.
> > I was searching for the same, but could not find out something that
> exactly
> > does what I need. Sorry for asking this in this group, but my skills in
> > this matter are rather limited.
>
> He  means  use something in the reject you can identify the individual
> rejects in the logs, like:
>
> ...
> 1974yahoo.co.in REJECT Bad Yahoo domain 01
> 2003yahoo.co.in REJECT Bad Yahoo domain 02
> 2005yahoo.co.in REJECT Bad Yahoo domain 03
> ...
>
> Now  you would be able to cross-reference from the logs back into your
> restriction file.
>
> [snip]
>
> --
> If at first you don't succeed...
> ...so much for skydiving.
>
>
I understood the logic, but is there any way to automate the procedure to
add this incremental number at the end of each line?

Re: Weird rejection

[DN Singh]

Duane, I am not using sender restrictions right now, but I can implement it.

Ralf, can you please tell me a method to append incremental numbers at the
end of each line? I need to do it as you pointed out.
I was searching for the same, but could not find out something that exactly
does what I need. Sorry for asking this in this group, but my skills in
this matter are rather limited.

On Wed, Jan 25, 2012 at 6:28 PM, Duane Hill  wrote:

> On Wednesday, January 25, 2012 at 11:58:31 UTC, 
> dnsingh.dns@gmail.comconfabulated:
>
> > On Wed, Jan 25, 2012 at 4:04 PM, Ralf Hildebrandt <
> > ralf.hildebra...@charite.de> wrote:
>
> >> * DN Singh :
> >> > Hello Group,
> >> >
> >> > I have configured some rejection domains in postfix access file,
> where it
> >> > rejects bad domains, or domains that do not exist. This list has been
> >> > gradually developed over time. A weird behavior happened the last
> time I
> >> > updated it. I had added some typos/bad domains that I found from the
> >> logs,
> >> > and appended it to the access file. After this, it started rejecting
> all
> >> > mails to "yahoo.co.in" specifically. I searched the file for the
> text,
> >> but
> >> > could not find it.
> >> > The file has following lines containing "yahoo.co.in" (I have grepped
> >> it.)
> >>
> >> Use REJECT unique number
> >> instead of just REJECT to find out which rule is firing.
> >>
> >> Also, why don't you simply use reject_unknown_sender_domain?
> >>
> > Thanks for pointing out about the unique number, Ralf. I'll do that to
> find
> > the line.
>
> > Also, these are recipient domains, and I am already using
> > reject_unknown_recipient_domain parameter in
> smtpd_recipient_restrictions,
> > but it does not reject these domains. This is why I have to do this
> > manually.
>
> Ralf  stated reject_unknown_sender_domain. I did not find that in your
> postconf below.
>
> > Any reason for the check not happening?? My postconf -n output:
>
> > --
> > alias_database = hash:/etc/aliases
> > alias_maps = hash:/etc/aliases
> > bounce_queue_lifetime = 0
> > broken_sasl_auth_clients = yes
> > command_directory = /usr/sbin
> > config_directory = /etc/postfix
> > daemon_directory = /usr/libexec/postfix
> > data_directory = /var/lib/postfix
> > debug_peer_level = 2
> > default_destination_concurrency_limit = 20
> > disable_vrfy_command = yes
> > home_mailbox = Maildir/
> > html_directory = no
> > in_flow_delay = 1s
> > inet_interfaces = all
> > inet_protocols = all
> > mail_owner = postfix
> > mailq_path = /usr/bin/mailq.postfix
> > manpage_directory = /usr/share/man
> > maximal_queue_lifetime = 1d
> > mydestination = $myhostname, localhost.$mydomain, localhost
> > mynetworks = 127.0.0.0/8
> > newaliases_path = /usr/bin/newaliases.postfix
> > qmgr_clog_warn_time = 0
> > qmgr_message_active_limit = 2
> > queue_directory = /var/spool/postfix
> > queue_run_delay = 300s
> > readme_directory = /usr/share/doc/postfix-2.8.7/README_FILES
> > sample_directory = /usr/share/doc/postfix-2.8.7/samples
> > sendmail_path = /usr/sbin/sendmail.postfix
> > setgid_group = postdrop
> > smtp_sasl_password_maps = hash:/etc/postfix/sasldb2
> > smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated
> > smtpd_recipient_restrictions = reject_rhsbl_recipient rhsbl.sorbs.net,
> > reject_rhsbl_recipient bogusmx.rfc-ignorant.org,
> > reject_unknown_recipient_domain, permit_sasl_authenticated,
> > permit_mynetworks, permit_inet_interfaces, reject_unauth_destination,
> > reject_rbl_client bl.spamcop.net, reject_rbl_client sbl-xbl.spamhaus.org
> > smtpd_sasl_auth_enable = yes
> > smtpd_sasl_authenticated_header = no
> > smtpd_sender_restrictions = check_recipient_access
> > hash:/etc/postfix/access, permit_mynetworks,
> reject_sender_login_mismatch,
> > permit_sasl_authenticated
> > transport_maps = hash:/etc/postfix/transport
> > unknown_local_recipient_reject_code = 550
> > 
>
>
>
> --
> If at first you don't succeed...
> ...so much for skydiving.
>
>

Re: Weird rejection

[DN Singh]

On Wed, Jan 25, 2012 at 4:04 PM, Ralf Hildebrandt <
ralf.hildebra...@charite.de> wrote:

> * DN Singh :
> > Hello Group,
> >
> > I have configured some rejection domains in postfix access file, where it
> > rejects bad domains, or domains that do not exist. This list has been
> > gradually developed over time. A weird behavior happened the last time I
> > updated it. I had added some typos/bad domains that I found from the
> logs,
> > and appended it to the access file. After this, it started rejecting all
> > mails to "yahoo.co.in" specifically. I searched the file for the text,
> but
> > could not find it.
> > The file has following lines containing "yahoo.co.in" (I have grepped
> it.)
>
> Use REJECT unique number
> instead of just REJECT to find out which rule is firing.
>
> Also, why don't you simply use reject_unknown_sender_domain?
>
> --
> Ralf Hildebrandt
>  Geschäftsbereich IT | Abteilung Netzwerk
>  Charité - Universitätsmedizin Berlin
>  Campus Benjamin Franklin
>  Hindenburgdamm 30 | D-12203 Berlin
>  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
>  ralf.hildebra...@charite.de | http://www.charite.de
>
>
Thanks for pointing out about the unique number, Ralf. I'll do that to find
the line.

Also, these are recipient domains, and I am already using
reject_unknown_recipient_domain parameter in smtpd_recipient_restrictions,
but it does not reject these domains. This is why I have to do this
manually.

Any reason for the check not happening?? My postconf -n output:

--
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
bounce_queue_lifetime = 0
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 20
disable_vrfy_command = yes
home_mailbox = Maildir/
html_directory = no
in_flow_delay = 1s
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
maximal_queue_lifetime = 1d
mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases.postfix
qmgr_clog_warn_time = 0
qmgr_message_active_limit = 2
queue_directory = /var/spool/postfix
queue_run_delay = 300s
readme_directory = /usr/share/doc/postfix-2.8.7/README_FILES
sample_directory = /usr/share/doc/postfix-2.8.7/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_sasl_password_maps = hash:/etc/postfix/sasldb2
smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated
smtpd_recipient_restrictions = reject_rhsbl_recipient rhsbl.sorbs.net,
reject_rhsbl_recipient bogusmx.rfc-ignorant.org,
reject_unknown_recipient_domain, permit_sasl_authenticated,
permit_mynetworks, permit_inet_interfaces, reject_unauth_destination,
reject_rbl_client bl.spamcop.net, reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sender_restrictions = check_recipient_access
hash:/etc/postfix/access, permit_mynetworks, reject_sender_login_mismatch,
permit_sasl_authenticated
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550

Access Map

[DN Singh]

Hello group,

I was configuring some restrictions on the Postfix level using access map.
It is in has format.
It is has a pretty good number of domains in it. So, I was wondering, how
large can be the file, without affecting the performance?
These are configured in recipient restrictions, so during each and every
mail, it will do a lookup for that domain.
Please consider the scenario and let me know the limit.

Thanks.

Re: hotmail rate limit

[DN Singh]

On Fri, Dec 30, 2011 at 12:40 AM, Ralf Hildebrandt <
ralf.hildebra...@charite.de> wrote:

> * DN Singh :
>
> > So Ralf, with a score of 99 with ReturnPath, what is the maximum delivery
> > that you have got to hotmail in a single day?
>
> on mail.python.org for the last week:
>
> 2554 28th
> 3764 27th
> 3445 26th
> 3011 25th
> 2263 24th
> 3557 23rd
> 4279 22nd
>
> --
> Ralf Hildebrandt
>  Geschäftsbereich IT | Abteilung Netzwerk
>  Charité - Universitätsmedizin Berlin
>  Campus Benjamin Franklin
>  Hindenburgdamm 30 | D-12203 Berlin
>  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
>  ralf.hildebra...@charite.de | http://www.charite.de
>
> This kind of volume is not very high, and should cause no problem with
Hotmail. Helder, what kind of, and how much volume are you sending, to
cause problems?

Re: hotmail rate limit

[DN Singh]

On Wed, Dec 28, 2011 at 5:25 PM, Ralf Hildebrandt <
ralf.hildebra...@charite.de> wrote:

> * Dominik Schulz :
> > Am Dienstag, 20. Dezember 2011, 16:41:49 schrieb Helder Oliveira:
> > > Has anyone experience with ReturnPath that can share ? Is the paid
> money
> > > worth the results ?
> > Yes, but it's not worth it in my opinion.
>
> I frequently check my return path score, and it's at 99 almost all the
> time, without me paying any fees to ReturnPath.
>
> So I guess the paid money is not worth the results.
>
> --
> Ralf Hildebrandt
>  Geschäftsbereich IT | Abteilung Netzwerk
>  Charité - Universitätsmedizin Berlin
>  Campus Benjamin Franklin
>  Hindenburgdamm 30 | D-12203 Berlin
>  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
>  ralf.hildebra...@charite.de | http://www.charite.de
>
> So Ralf, with a score of 99 with ReturnPath, what is the maximum delivery
that you have got to hotmail in a single day?

Re: transport private/smtp: Connection refused [solved]

[DN Singh]

You could also have done that by using,

domain.com.brsmtp:pop.domain.com.br




On Thu, Dec 22, 2011 at 1:57 AM, Alfredo Saldanha <
asalda...@corp.infolink.com.br> wrote:

>  Hi,
>
> I solved this problem!
>
> I change the transport map:
>
> from:
> domain.com.brsmtp:pop.domain.com.br:25
>
> to:
> domain.com.brrelay:pop.domain.com.br:25
>
> Now it works well.
>
> Thank you.
>
>
> On 12/21/2011 06:15 PM, Ralf Hildebrandt wrote:
>
> * Alfredo Saldanha  
> :
>
>  Hi People,
>
> I'm trying to configure a transport map to send emails to another
> server, but I got this error:
> postfix-smtp/qmgr[29632]: warning: connect to transport private/smtp:
> Connection refused
>
> in my master.cf:
> 587   inet  n   -   n   -   -   smtpd
>
>  That's smtpd, not smtp.
>
>
>
>

Re: Postfix as Load Balancer

[DN Singh]

Hello,

I was searching for nginx as load balancer, but couldn't quite figure it
out. Also, I am not sure, it would be able to pickup queues from Mysql
database.

On Fri, Dec 16, 2011 at 6:49 PM, DN Singh  wrote:

> On Fri, Dec 16, 2011 at 6:05 PM, Wietse Venema wrote:
>
>> DN Singh:
>> > Hello Group,
>> >
>> > I am trying to implement an architecture, where there will be one
>> Postfix
>> > instance acting as load balancer/relay. I need this instance to relay
>> mails
>>
>> Use the nginx proxy server in SMTP mode.
>>
>>Wietse
>>
>> > only to number on MTAs specified in a list, no outside delivery
>> involved.
>> > My questions are:
>> >
>> > 1) Is this this possible?
>> > 2) If possible, will it use round-robin fashion or sequential sending?
>> > 3) Can postfix pickup mails from a remote mysql database?
>>
>
> Thanks for the suggestion Wietse.
>

Re: Postfix as Load Balancer

[DN Singh]

On Fri, Dec 16, 2011 at 6:05 PM, Wietse Venema  wrote:

> DN Singh:
> > Hello Group,
> >
> > I am trying to implement an architecture, where there will be one Postfix
> > instance acting as load balancer/relay. I need this instance to relay
> mails
>
> Use the nginx proxy server in SMTP mode.
>
>Wietse
>
> > only to number on MTAs specified in a list, no outside delivery involved.
> > My questions are:
> >
> > 1) Is this this possible?
> > 2) If possible, will it use round-robin fashion or sequential sending?
> > 3) Can postfix pickup mails from a remote mysql database?
>

Thanks for the suggestion Wietse.

Postfix as Load Balancer

[DN Singh]

Hello Group,

I am trying to implement an architecture, where there will be one Postfix
instance acting as load balancer/relay. I need this instance to relay mails
only to number on MTAs specified in a list, no outside delivery involved.
My questions are:

1) Is this this possible?
2) If possible, will it use round-robin fashion or sequential sending?
3) Can postfix pickup mails from a remote mysql database?

Re: Dead Destination configuration

[DN Singh]

Can you please name the topic, so I can search about it? It would be of
great help.

On Mon, Dec 5, 2011 at 10:41 PM, Jeroen Geilman  wrote:

> On 2011-12-05 15:36, DN Singh wrote:
>
>> Yes, I tried to figure it out that way, but the numbers aren't constant.
>>
>
> Have you considered that this is because your submission is not 100% flat ?
> If you submit or retry in bursts (and when they block you for a fixed
> period of time after denying access, you WILL see clumping) then why expect
> their rejections to follow a different pattern ?
>
> As the people with much experience and experimentation on this list
> suggest, run separate delivery routes - with separate queues - for these
> slow destinations.
> All this is very well documented in the list archives.
>
> --
> J.
>
>

Re: Dead Destination configuration

[DN Singh]

Yes, I tried to figure it out that way, but the numbers aren't constant.
Which is I was experimenting on the delays, and then ended up on this
topic...

On Mon, Dec 5, 2011 at 6:47 PM, Wietse Venema  wrote:

> DN Singh:
> > The problem is that I am unable to find any hard limit of acceptance of
> > mails to these destinations. I have even tried creating slow transports
> for
> > them, but they still seem to drop connections after DATA command or RCPT
> > command.
> >
> > "lost connection with mx.rediffmail.rediff.akadns.net[119.252.147.10]
> while
> > sending DATA command)"
> >
> > This happens suddenly after some mails get delivered, and after it
> happens,
> > most of the mails in my active queue get transferred to deferred queue.
> > This increases the backlog of mails.
>
> Their limit is (surprise!) the point after which they begin dropping
> your connections.
>
>Wietse
>

Re: Dead Destination configuration

[DN Singh]

The problem is that I am unable to find any hard limit of acceptance of
mails to these destinations. I have even tried creating slow transports for
them, but they still seem to drop connections after DATA command or RCPT
command.

"lost connection with mx.rediffmail.rediff.akadns.net[119.252.147.10] while
sending DATA command)"

This happens suddenly after some mails get delivered, and after it happens,
most of the mails in my active queue get transferred to deferred queue.
This increases the backlog of mails.

On Mon, Dec 5, 2011 at 4:54 PM, Robert Schetterer wrote:

> Am 05.12.2011 12:12, schrieb DN Singh:
> > SPF, DKIM, FBL everything being followed, but still no more than 3-4k
> > delivery to hotmail/rediff. Any ideas group?? Can these destinations be
> > classified as dead, when they start deferring?
>
> sorry ,they arent "dead" at all, even if they dont take mail from you
> at once , guess they limit mail by ip, look if you find
> any how to at them avoiding this
> you can ever try deliver out by another ip
> or spread deliver out over more ips in general
>
> >
> > On Sat, Dec 3, 2011 at 10:59 PM, /dev/rob0  > <mailto:r...@gmx.co.uk>> wrote:
> >
> > On Friday 02 December 2011 08:23:53 Mark Goodge wrote:
> > > To be more specific, Yahoo's code TS01 doesn't mean "You are
> > > sending us too much email and we want you to slow down". It means
> > > "We think you might be a spammer, so we are setting you a simple
> > > test of whether you can follow instructions". If you pass the
> > > test, then when you restart sending then you'll be able to get
> > > everything through - it won't be rate-limited by Yahoo.
> >
> > I don't know what their TS01 means, but I do know that it does not
> > mean what they say it does. I have seen it on my small site before,
> > where I am reasonably certain that we could have caused no user
> > complaints.
> >
> > At the time it was a participatory mailing list much like this one,
> > with seven Y! subscribers. I did nothing and the mail eventually was
> > delivered. Nowadays (after having been listed at DNSWL.org awhile,
> > which might have helped) our Yahoo mail is delivered along with all
> > the rest of it.
> >
> > If the OP's site is cranking out enough bulk mail such as to create a
> > logjam and eventual bounces, that site needs to sign up for feedback
> > loops, as suggested upthread. Legitimate bulk mail sending is a big
> > chore. Consider that ESPs actually earn their money. Sometimes doing
> > things in-house is more expensive than outsourcing.
> > --
> >Offlist mail to this address is discarded unless
> >"/dev/rob0" or "not-spam" is in Subject: header
> >
> >
>
>
> --
> Best Regards
>
> MfG Robert Schetterer
>
> Germany/Munich/Bavaria
>

Re: Dead Destination configuration

[DN Singh]

SPF, DKIM, FBL everything being followed, but still no more than 3-4k
delivery to hotmail/rediff. Any ideas group?? Can these destinations be
classified as dead, when they start deferring?

On Sat, Dec 3, 2011 at 10:59 PM, /dev/rob0  wrote:

> On Friday 02 December 2011 08:23:53 Mark Goodge wrote:
> > To be more specific, Yahoo's code TS01 doesn't mean "You are
> > sending us too much email and we want you to slow down". It means
> > "We think you might be a spammer, so we are setting you a simple
> > test of whether you can follow instructions". If you pass the
> > test, then when you restart sending then you'll be able to get
> > everything through - it won't be rate-limited by Yahoo.
>
> I don't know what their TS01 means, but I do know that it does not
> mean what they say it does. I have seen it on my small site before,
> where I am reasonably certain that we could have caused no user
> complaints.
>
> At the time it was a participatory mailing list much like this one,
> with seven Y! subscribers. I did nothing and the mail eventually was
> delivered. Nowadays (after having been listed at DNSWL.org awhile,
> which might have helped) our Yahoo mail is delivered along with all
> the rest of it.
>
> If the OP's site is cranking out enough bulk mail such as to create a
> logjam and eventual bounces, that site needs to sign up for feedback
> loops, as suggested upthread. Legitimate bulk mail sending is a big
> chore. Consider that ESPs actually earn their money. Sometimes doing
> things in-house is more expensive than outsourcing.
> --
>Offlist mail to this address is discarded unless
>"/dev/rob0" or "not-spam" is in Subject: header
>

Re: Dead Destination configuration

[DN Singh]

Also, Yahoo atleast wants us to follow some policy, Rediff/Hotmail won't
let us know what to do when sending mails... They just like to defer mails.
For maximum 5k mails daily to each destination, I see 40-50k deferred
attempts in the logs. Precious time and connections are lost in such
attempts. Is it only me facing such issues, are there other people facing
these??

On Sat, Dec 3, 2011 at 9:13 PM, DN Singh  wrote:

> I guess Mark does have some experience with TS01 defers of Yahoo. Can
> anyone confirm for upto how long does Yahoo accept the mails, after we stop
> it for 4 hours. I mean is it worth stopping delivery for "4 hours", and
> gathering  those mails?
> If so, I could on the path Wietse is suggesting, of tailing the maillog,
> and making suitable changes.
> Guys, hasn't anyone faced these issues from Yahoo, or Rediff or Hotmail??
> If yes, please give your suggestions, share your experience about how you
> went about those issues.
>
> On Fri, Dec 2, 2011 at 8:27 PM, Wietse Venema wrote:
>
>> Mark Goodge:
>> > > I've seen no evidence that this interpretation is correct. On what
>> > > basis do you assert that this is Yahoo's policy?
>> >
>> > Experience, mostly. I've found that ceasing retry attempts for four
>> > hours, then restarting, typically results in the queue clearing as fast
>> > as you can send the emails without any further errors being generated.
>>
>> This could be automated outside of Postfix by tailing the maillog
>> file and updating the defer_transports setting (see Victor's post).
>> It requires a "postfix reload" command to restart the queue manager.
>>
>>Wietse
>>
>
>

Re: Dead Destination configuration

[DN Singh]

I guess Mark does have some experience with TS01 defers of Yahoo. Can
anyone confirm for upto how long does Yahoo accept the mails, after we stop
it for 4 hours. I mean is it worth stopping delivery for "4 hours", and
gathering  those mails?
If so, I could on the path Wietse is suggesting, of tailing the maillog,
and making suitable changes.
Guys, hasn't anyone faced these issues from Yahoo, or Rediff or Hotmail??
If yes, please give your suggestions, share your experience about how you
went about those issues.

On Fri, Dec 2, 2011 at 8:27 PM, Wietse Venema  wrote:

> Mark Goodge:
> > > I've seen no evidence that this interpretation is correct. On what
> > > basis do you assert that this is Yahoo's policy?
> >
> > Experience, mostly. I've found that ceasing retry attempts for four
> > hours, then restarting, typically results in the queue clearing as fast
> > as you can send the emails without any further errors being generated.
>
> This could be automated outside of Postfix by tailing the maillog
> file and updating the defer_transports setting (see Victor's post).
> It requires a "postfix reload" command to restart the queue manager.
>
>Wietse
>

Re: Dead Destination configuration

[DN Singh]

Okay. This means I was going in the wrong direction itself.

Thank you guys, for making this clear.


On Fri, Dec 2, 2011 at 5:49 PM, Viktor Dukhovni
wrote:

> On Fri, Dec 02, 2011 at 11:37:02AM +0530, DN Singh wrote:
>
> > Yes, I am trying some workarounds, like rate delays, to address unusual
> > traffic, and also joined their FBL for complainants. But, am still facing
> > problems with some MTAs.
> > Also, this only for Yahoo, there are others like hotmail, rediffmail,
> aol,
> > etc. Rediff being worst...
> >
> > The only thing that I want to know, is how do I define the time limit for
> > dead destination, and stop postfix from attempting new mails during that
> > time to the destination. I can't just turn off postfix, because it will
> > stop completely.
>
> It is a mistake to stop all first delivery attempts to a destination
> that is not down. You're lucky that Postfix is not doing what you
> seem to want.
>
> If the site is greylisting, that will not help at all. If they want
> your mail to arrive a slower rate, accumulating a lot of delayed mail
> makes that problem worse.
>
> There is no scenario in which a site that accepts your mail (i.e.
> has not classified you as a spammer, correctly or not) will offer
> better service if all your mail delayed by a few hours, that just
> time-warps the problem into the future and makes it more severe.
>
> --
>Viktor.
>

Re: Dead Destination configuration

[DN Singh]

Yes, I am trying some workarounds, like rate delays, to address unusual
traffic, and also joined their FBL for complainants. But, am still facing
problems with some MTAs.
Also, this only for Yahoo, there are others like hotmail, rediffmail, aol,
etc. Rediff being worst...

The only thing that I want to know, is how do I define the time limit for
dead destination, and stop postfix from attempting new mails during that
time to the destination. I can't just turn off postfix, because it will
stop completely.

Can "default_destination_concurrency_failed_cohort_limit" help me in the
matter, or am I in the wrong direction?

On Thu, Dec 1, 2011 at 6:32 PM, Wietse Venema  wrote:

> DN Singh:
> > I will get more clear with an example:
> >
> > yahoo.com has different rejection codes, common of which is TS01. They
> say,
> > after TS01, you aren't supposed to attempt delivery for 4 hours. But, the
>
> According to "Yahoo! Postmaster Help Topics", TS01 means:
>
> * We are seeing unusual traffic from your IP address.
>
> * Email from your mail server is generating complaints from Yahoo! Mail
> users.
>
> I suggest that you address those problems, instead of asking Postfix
> developers to build workarounds.
>
>Wietse
>

Re: Dead Destination configuration

[DN Singh]

I will get more clear with an example:

yahoo.com has different rejection codes, common of which is TS01. They say,
after TS01, you aren't supposed to attempt delivery for 4 hours. But, the
problem with postfix is that, it will even after many mails getting
deferred, it does not mark the destination dead, and new mails arriving in
the queue will get attempted, and also get TS01, ie. deferred. So, I never
reach the specified time of atleast 4Hrs of non attempt. What I want is
that, after particular number of defers to any domain, it simply mark it
dead for my specified period, and not its own default time.

This is just babout yahoo. There other domains, with their own policies,
which they want us to follow.

Also, the postfix built-in mechanisms are creating a problem,
by repeatedly attempting delivery, and causing the more mails to get
deferred, and ultimately filling up deferred queue. Even if I keep
maximal_queue_lifetime of 1 day, the mails will only get deleted after a
final attempt (whether delivered or deferred).

I have seen almost whole active queue getting filled with such deferred
mails. Even if I limit their pickup, they will still stay in deferred
queue, and fill up the disk. Should I create a different postfix altogether
for such domains?

I am sorry, if my mail seems more on complaining side :(

On Thu, Dec 1, 2011 at 5:21 PM, Wietse Venema  wrote:

> DN Singh:
> > Yes Jeroen,
> >
> > That is the case. I am suffering backlog of mails to one domain, due to
> its
> > deferral policy. This is why I want to handle it manually. Could you help
> > in the matter?
>
> If you have backlogs for ONE domain, then Postfix built-in
> mechanisms are already solving the problem for you. The
> visible result of greylisting etc. is that mail will
> stay queued with the sender until their timer expires.
>
>Wietse
>

Re: Dead Destination configuration

[DN Singh]

Yes Jeroen,

That is the case. I am suffering backlog of mails to one domain, due to its
deferral policy. This is why I want to handle it manually. Could you help
in the matter?

On Thu, Dec 1, 2011 at 2:02 PM, Jeroen Geilman  wrote:

> On 2011-12-01 08:35, DN Singh wrote:
>
>> Hello Group,
>>
>> I am trying some extra configuration for postfix where it would mark some
>> destinations as undeliverable. I have found that there are some
>> destinations, start deferring the mails (may be greylisting) for a
>> particular period of time (times ranging from 1min to 4hrs), and after the
>> time window is over, they accept mails properly. So, I would like to
>> configure per-destination dead time limit, where Postfix would not attempt
>> any delivery at all to a destination for the mentioned time.
>>
>
> Why ?
>
> SMTP deferral and retry are built into the protocol; they work fine.
>
> The only reason I can think of that would make you want to handle this
> manually is if you have such huge volumes that you see actual performance
> issues.
>
> Are you seeing performance issues ? Are there delays in delivery to other
> destinations ?
>
>
>
> --
> J.
>
>

Re: Dead Destination configuration

[DN Singh]

Thanks for the suggestion Robert, but how do I find the time for which
Postfix will not attempt a delivery after reaching the fail limit? Instead
of outsourcing the task to script, and increasing a dependency, it would be
better to keep it with Postfix itself, if possible.

If there aren't any options, I may have to go with the script. Then, I may
need some more help...

Thanks,
DN Singh

On Thu, Dec 1, 2011 at 1:29 PM, Robert Schetterer wrote:

> Am 01.12.2011 08:35, schrieb DN Singh:
> > Hello Group,
> >
> > I am trying some extra configuration for postfix where it would mark
> > some destinations as undeliverable. I have found that there are some
> > destinations, start deferring the mails (may be greylisting) for a
> > particular period of time (times ranging from 1min to 4hrs), and after
> > the time window is over, they accept mails properly. So, I would like to
> > configure per-destination dead time limit, where Postfix would not
> > attempt any delivery at all to a destination for the mentioned time.
> >
> > I tried configuring backoff-time, but it only comes into picture after
> > first attempt, which will get deferred, during time the destination is
> > differing. Next, I found
> > "default_destination_concurrency_failed_cohort_limit", but I was unable
> > to find to time for which it will remain dead. I know this is transport
> > configurable, so I can configure different time limits for different
> > destinations. This is because, I do not want any delivery attempts
> > during the time when a destination is marked dead.
> >
> > Is this possible? If yes, then how?
> >
> > Thanks.
> > DN Singh
>
> perhaps put some kind of scripted hold on them
> if they are always the same
>
> or use ideas from
>
> http://www.postfix.org/QSHAPE_README.html#backlog
>
> Postfix version 2.5 and later:
>
>In master.cf set up a dedicated clone of the "smtp" transport for
> the problem destination. In the example below we call it "slow".
>
>In main.cf configure a short delay between deliveries to the same
> destination.
>
>/etc/postfix/main.cf:
>transport_maps = hash:/etc/postfix/transport
>slow_destination_rate_delay = 1
>slow_destination_concurrency_failed_cohort_limit = 100
>
>/etc/postfix/transport:
>example.com  slow:
>
>/etc/postfix/master.cf:
># service type  private unpriv  chroot  wakeup  maxproc command
>slow  unix -   -   n   -   -smtp
>
> See also the documentation for default_destination_rate_delay.
>
> This solution forces the Postfix smtp(8) client to wait for
> $slow_destination_rate_delay seconds between deliveries to the same
> destination.
>
> IMPORTANT!! The large slow_destination_concurrency_failed_cohort_limit
> value is needed. This prevents Postfix from deferring all mail for the
> same destination after only one connection or handshake error (the
> reason for this is that non-zero slow_destination_rate_delay forces a
> per-destination concurrency of 1).
>
>
> --
> Best Regards
>
> MfG Robert Schetterer
>
> Germany/Munich/Bavaria
>

Dead Destination configuration

[DN Singh]

Hello Group,

I am trying some extra configuration for postfix where it would mark some
destinations as undeliverable. I have found that there are some
destinations, start deferring the mails (may be greylisting) for a
particular period of time (times ranging from 1min to 4hrs), and after the
time window is over, they accept mails properly. So, I would like to
configure per-destination dead time limit, where Postfix would not attempt
any delivery at all to a destination for the mentioned time.

I tried configuring backoff-time, but it only comes into picture after
first attempt, which will get deferred, during time the destination is
differing. Next, I found
"default_destination_concurrency_failed_cohort_limit", but I was unable to
find to time for which it will remain dead. I know this is transport
configurable, so I can configure different time limits for different
destinations. This is because, I do not want any delivery attempts during
the time when a destination is marked dead.

Is this possible? If yes, then how?

Thanks.
DN Singh