Re: MX vs A records

2012-10-11 Thread Reindl Harald


Am 11.10.2012 13:23, schrieb Tom Kinghorn:
> Good afternoon list
> 
> Today, i have started seeing a lot of connection time-outs on queued mail.
> 
> I have noticed mistyped domain names, which have all been registered 
> elsewhere, with NO MX records, but A records.
> 
> as such, the mails are just sitting in the queues, doing nothing.
> 
> How would one deal with this?

you can not deal with this except by creating an error-transport
for such domains manually - but be aware to remove it if this domain
later gets working mail services!

a domain does not need a MX record, that is how it works
and there are many domains with well working mail-services
without

i for myself always create a MX record in dns-zones maintained by me
but technically there is no need as long as your a-record does not
point to a webserver while you have mail-services for the
same domain

the side-effect is that domains without any mail-address and an a-record
are deferred for 5 days until the message bounces





Re: MX vs A records

2012-10-11 Thread Ralf Hildebrandt
* Tom Kinghorn :
> Good afternoon list
> 
> Today, i have started seeing a lot of connection time-outs on queued mail.
> 
> I have noticed mistyped domain names, which have all been
> registered elsewhere, with NO MX records, but A records.
> 
> as such, the mails are just sitting in the queues, doing nothing.
> 
> How would one deal with this?
> 
> 1 of the domains in question is: opnet.net

opnet.net error:5.1.1 One cannot send mail there

in transport_maps

-- 
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  Charité - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebra...@charite.de | http://www.charite.de



Re: MX vs A records

2012-10-11 Thread Tom Kinghorn

On 11/10/2012 13:30, Reindl Harald wrote:
> Am 11.10.2012 13:23, schrieb Tom Kinghorn:
>
> you can not deal with this except by creating an error-transport
> for such domains manually - but be aware to remove it if this domain
> later gets working mail services!
>
> a domain does not need a MX record, that is how it works
> and there are many domains with well working mail-services
> without
>
> i for myself always create a MX record in dns-zones maintained by me
> but technically there is no need as long as your a-record does not
> point to a webserver while you have mail-services for the
> same domain
>
> the side-effect is that domains without any mail-address and an a-record
> are deferred for 5 days until the message bounces

That's exactly as i thought..
one can always hope though...:o)

Thanks for the reply.
Tom


Re: MX vs A records

2012-10-11 Thread Reindl Harald


Am 11.10.2012 13:32, schrieb Ralf Hildebrandt:
> * Tom Kinghorn :
>> Good afternoon list
>>
>> Today, i have started seeing a lot of connection time-outs on queued mail.
>>
>> I have noticed mistyped domain names, which have all been
>> registered elsewhere, with NO MX records, but A records.
>>
>> as such, the mails are just sitting in the queues, doing nothing.
>>
>> How would one deal with this?
>>
>> 1 of the domains in question is: opnet.net
> 
> opnet.net error:5.1.1 One cannot send mail there
> 
> in transport_maps

but be careful to remove the error-transport if the domain
gets active mail-services!

i do this via mysql and a daily php-script which is
removing error-transport if the domain gets a MX record
which is NOT fakemx.net

currently the table has some thousand records from the last 2 years





Re: MX vs A records

2012-10-11 Thread Ralf Hildebrandt
* Reindl Harald :

> but be careful to remove the error-transport if the domain
> gets active mail-services!

Oh yes!

> i do this via mysql and a daily php-script which is
> removing error-transport if the domain gets a MX record
> which is NOT fakemx.net
> 
> currently the table has some thousand records from the last 2 years
> 



-- 
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  Charité - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebra...@charite.de | http://www.charite.de



Re: MX vs A records

2012-10-11 Thread Tom Kinghorn

On 11/10/2012 13:38, Ralf Hildebrandt wrote:
> * Reindl Harald :
>
>> but be careful to remove the error-transport if the domain
>> gets active mail-services!
>
> Oh yes!

looking at the domains, they all have a SOA record as

ns1.sedoparking.com

wish we could ban any domain hosted at sedoparking.


Re: MX vs A records

2012-10-11 Thread Reindl Harald


Am 11.10.2012 14:08, schrieb Tom Kinghorn:
> On 11/10/2012 13:38, Ralf Hildebrandt wrote:
>> * Reindl Harald :
>>
>>> but be careful to remove the error-transport if the domain
>>> gets active mail-services!
>> Oh yes!
>>   
> looking at the domains, they all have a SOA record as
> 
> ns1.sedoparking.com
> 
> wish we could ban any domain hosted at sedoparking.

+100

additionally "mx.fakemx.net" makes me angry each time i see it in logs





Re: MX vs A records

2012-10-11 Thread Michael Storz

Am 2012-10-11 13:36, schrieb Reindl Harald:

> i do this via mysql and a daily php-script which is
> removing error-transport if the domain gets a MX record
> which is NOT fakemx.net
>
> currently the table has some thousand records from the last 2 years


Do you populate the database manually or automatically by processing 
the generated DSNs?


--
Michael



Re: MX vs A records

2012-10-11 Thread Reindl Harald
Am 11.10.2012 14:20, schrieb Michael Storz:
> Am 2012-10-11 13:36, schrieb Reindl Harald:
> 
>> i do this via mysql and a daily php-script which is
>> removing error-transport if the domain gets a MX record
>> which is NOT fakemx.net
>>
>> currently the table has some thousand records from the last 2 years
> 
> Do you populate the database manually or automatically by processing the 
> generated DSNs?

manually

my mail-system is completely mysql-based (postfix, dbmail, dovecot-proxy)
and controlled with a 100% self-developed web-UI around the configuration

so i can paste a domain per line into a text-field and the backend-function
does the same verification as the daily check of whether the domain has to be
removed from error transports, to skip valid domains

  /**
   * returns true if $input (a domain or a full mail-address) looks like a
   * deliverable target, false if it should stay on the error-transport
   */
  public function check_valid_target($input)
  {
   /* MX hosts of parking services which never accept mail */
   $invalid_mx = array('mx.fakemx.net');
   /* accept a full address or a bare domain */
   if(strpos($input, '@') !== false)
   {
    $domain = $this->domain->get_by_address($input);
   }
   else
   {
    $domain = $input;
   }
   /* domains served by our own MTA are always valid */
   static $own_mta;
   if(empty($own_mta))
   {
    $own_mta = $this->domain->liste_mta();
   }
   if(in_array($domain, $own_mta))
   {
    return true;
   }
   /* one MX which is not a known fake-MX makes the domain valid */
   $mx_records = array();
   getmxrr($domain, $mx_records);
   if(!empty($mx_records))
   {
    foreach($mx_records as $mx_test)
    {
     if(!in_array($mx_test, $invalid_mx))
     {
      return true;
     }
    }
    /* MX records exist, but all of them are fake-MX hosts */
    return false;
   }
   /* no MX at all: fall back to the A records, up to 3 lookup attempts */
   $a_records = false;
   for($try = 0; $try < 3 && !$a_records; $try++)
   {
    if($try > 0)
    {
     usleep(10);
    }
    $a_records = gethostbynamel($domain . '.');
   }
   if(!$a_records)
   {
    return false;
   }
   /* per-process cache of addresses already probed on port 25 */
   static $static_valid   = array();
   static $static_invalid = array();
   foreach($a_records as $a_record)
   {
    /* an A record pointing to localhost is never a valid target */
    if($a_record == '127.0.0.1')
    {
     return false;
    }
    if(in_array($a_record, $static_valid))
    {
     return true;
    }
    if(!in_array($a_record, $static_invalid))
    {
     /* valid only if something answers on port 25 within 2 seconds */
     $fp = @fsockopen($a_record, 25, $errno, $errstr, 2);
     if($fp)
     {
      @fclose($fp);
      $static_valid[] = $a_record;
      return true;
     }
     $static_invalid[] = $a_record;
    }
   }
   return false;
  }





Re: MX vs A records

2012-10-11 Thread Wietse Venema
Tom Kinghorn:
> looking at the domains, they all have a SOA record as
> 
> ns1.sedoparking.com
> 
> wish we could ban any domain hosted at sedoparking.

http://www.postfix.org/postconf.5.html#check_sender_ns_access

check_sender_ns_access type:table
Search the specified access(5) database for the DNS servers for
the MAIL FROM address, and execute the corresponding action.
Note: a result of "OK" is not allowed for safety reasons.
Instead, use DUNNO in order to exclude specific hosts from
blacklists. This feature is available in Postfix 2.1 and later.

Use this only for known-bad providers.

Wietse


Re: MX vs A records

2012-10-11 Thread Jacqui Caren

On 11/10/2012 12:33, Tom Kinghorn wrote:
> On 11/10/2012 13:30, Reindl Harald wrote:
>> the side-effect is that domains without any mail-address and an a-record
>> are deferred for 5 days until the message bounces
>
> That's exactly as i thought..
> one can always hope though...:o)


configure the firewall to block :25 traffic to *parking.com IP ranges.
I also block major WSP IP ranges - it used to be that some WSP's would
be used by typo squatters who would configure a "catchall" SMTP server 
and snoop on misdirected email.





Re: MX vs A records

2012-10-11 Thread Reindl Harald


Am 11.10.2012 15:06, schrieb Jacqui Caren:
> On 11/10/2012 12:33, Tom Kinghorn wrote:
>> On 11/10/2012 13:30, Reindl Harald wrote:
>>> the side-effect is that domains without any mail-address and an a-record
>>> are deferred for 5 days until the message bounces
>>>
>> That's exactly as i thought..
>> one can always hope though...:o)
> 
> configure the firewall to block :25 traffic to *parking.com IP ranges

how should this help?

postfix will defer and NOT hard-bounce immediately because it
would be a major bug to bounce because of temporary network errors
and postfix can not know if it is temporary!





Re: MX vs A records

2012-10-17 Thread Tom Kinghorn

On 11/10/2012 14:48, Wietse Venema wrote:
> Tom Kinghorn:
>
> check_sender_ns_access type:table
>     Search the specified access(5) database for the DNS servers for
>     the MAIL FROM address, and execute the corresponding action.
>     Note: a result of "OK" is not allowed for safety reasons.
>     Instead, use DUNNO in order to exclude specific hosts from
>     blacklists. This feature is available in Postfix 2.1 and later.
>
> Use this only for known-bad providers.
>
> Wietse



I have added this but it is not working on my setup.
All mail to the domains gets queued.

setup is as follows:

smtpd_recipient_restrictions =
    check_recipient_access hash:/etc/postfix/recipient_access_whitelist
    check_recipient_access hash:/etc/postfix/recipient_access_blacklist
    check_recipient_ns_access hash:/etc/postfix/recipient_ns_host
    reject_non_fqdn_recipient,
    reject_unknown_recipient_domain,
    permit_mynetworks,
    permit_sasl_authenticated,
    reject

i tested using ad...@cpf.co.za

cpf.co.za is hosted at sedoparking.com

in the recipient_ns_host file I have

sedoparking.com REJECT Recipient hosted at sedoparking.com

thanks
Tom



Re: MX vs A records

2012-10-17 Thread Tom Hendrikx
On 10/17/12 10:05 AM, Tom Kinghorn wrote:
> On 11/10/2012 14:48, Wietse Venema wrote:
>> Tom Kinghorn:
>>> check_sender_ns_access type:table
>>> Search the specified access(5) database for the DNS servers for
>>> the MAIL FROM address, and execute the corresponding action.
>>> Note: a result of "OK" is not allowed for safety reasons.
>>> Instead, use DUNNO in order to exclude specific hosts from
>>> blacklists. This feature is available in Postfix 2.1 and later.
>>>
>>> Use this only for known-bad providers.
>>>
>>> Wietse
>>>
>>>
> I have added this but it is not working on my setup.
> All mail to the domains gets queued.
> 
> setup is as follows:
> 
> smtpd_recipient_restrictions =
> check_recipient_access hash:/etc/postfix/recipient_access_whitelist
> check_recipient_access hash:/etc/postfix/recipient_access_blacklist
> check_recipient_ns_access hash:/etc/postfix/recipient_ns_host
> ...

You're testing NS records for the recipient address here, not the sender.

> i tested using ad...@cpf.co.za
> 
> cpf.co.za is hosted at sedoparking.com
> 
> in the recipient_ns_host file I have
> 
> sedoparking.com REJECT Recipient hosted at sedoparking.com
> 
> thanks
> Tom
> 



Re: MX vs A records

2012-10-17 Thread Tom Kinghorn

On 17/10/2012 10:14, Tom Hendrikx wrote:
> On 10/17/12 10:05 AM, Tom Kinghorn wrote:
>
> You're testing NS records for the recipient address here, not the sender.
>
>> i tested using ad...@cpf.co.za
>>
>> cpf.co.za is hosted at sedoparking.com
>>
>> in the recipient_ns_host file I have
>>
>> sedoparking.com REJECT Recipient hosted at sedoparking.com
>>
>> thanks
>> Tom



That is correct.

cpf.co.za (the recipient domain) has no MX record BUT does have an A 
record, which does not accept mail.

As such, the mail sits in the queue until it expires.

I am trying to test recipient NS,
If the NS is sedoparking, then Reject the message.

Thanks for the reply.
Tom


Re: MX vs A records

2012-10-17 Thread Noel Jones
On 10/17/2012 3:31 AM, Tom Kinghorn wrote:
> On 17/10/2012 10:14, Tom Hendrikx wrote:
>> On 10/17/12 10:05 AM, Tom Kinghorn wrote:
>>>
>> You're testing NS records for the recipient address here, not the sender.
>>
>>> i tested using ad...@cpf.co.za
>>>
>>> cpf.co.za is hosted at sedoparking.com
>>>
>>> in the recipient_ns_host file I have
>>>
>>> sedoparking.com REJECT Recipient hosted at sedoparking.com
>>>
>>> thanks
>>> Tom
>>>
>>>
> That is correct.
> 
> cpf.co.za (the recipient domain) has no MX record BUT does have an A
> record, which does not accept mail.
> As such, the mail sits in the queue until it expires.
> 
> I am trying to test recipient NS,
> If the NS is sedoparking, then Reject the message.
> 
> Thanks for the reply.
> Tom


Show "postconf -n" and the postfix logs of your test.



  -- Noel Jones


Re: MX vs A records (SOLVED)

2012-10-22 Thread Reindl Harald


Am 22.10.2012 15:29, schrieb Tom Kinghorn:
> 
> 
> On 18/10/2012 14:41, Noel Jones wrote:
>> On 10/18/2012 5:04 AM, Tom Kinghorn wrote:
>>>
>>> DO NOT send debug log files unless specifically requested.  Normal
>>> log files are sufficient.
>>>
>>>
>>> And a friendly reminder that splitting required troubleshooting info
>>> up between multiple messages greatly reduces the chance of getting help.
>>>
>>>-- Noel Jones
>>>
> 
> Hi List.
> Just to let you know that i had a typo in the main.cf which is why this was 
> not working.
> 
> Thanks to all who replied.

it would be nice having at the end of the thread the example config
with corrected typo to help others who find this in the archives!





Re: MX vs A records (SOLVED)

2012-10-22 Thread Tom Kinghorn

On 22/10/2012 15:32, Reindl Harald wrote:
> Am 22.10.2012 15:29, schrieb Tom Kinghorn:
>> On 18/10/2012 14:41, Noel Jones wrote:
>>> On 10/18/2012 5:04 AM, Tom Kinghorn wrote:
>>>> DO NOT send debug log files unless specifically requested.  Normal
>>>> log files are sufficient.
>>>>
>>>> And a friendly reminder that splitting required troubleshooting info
>>>> up between multiple messages greatly reduces the chance of getting help.
>>>>
>>>> -- Noel Jones
>>
>> Hi List.
>> Just to let you know that i had a typo in the main.cf which is why this was not
>> working.
>>
>> Thanks to all who replied.
>
> it would be nice having at the end of the thread the example config
> with corrected typo to help others who find this in the archives!

apologies.


smtpd_recipient_restrictions =
    check_recipient_ns_access hash:/etc/postfix/recipient_nameserver_host,
    check_recipient_access hash:/etc/postfix/recipient_access_whitelist,
    check_recipient_access hash:/etc/postfix/recipient_access_blacklist,




I checked the config and found that the lines did not end with a comma.
As soon as I added it, the access rule started working and mails were 
redirected (i changed REJECT to REDIRECT)


Regards
Tom





Re: MX vs A records (SOLVED)

2012-10-22 Thread Wietse Venema
Tom Kinghorn:
> > it would be nice having at the end of the thread the example config
> > with corrected typo to help others who find this in the archives!
> >
> apologies.
> 
> 
> smtpd_recipient_restrictions =
>     check_recipient_ns_access hash:/etc/postfix/recipient_nameserver_host,
>     check_recipient_access hash:/etc/postfix/recipient_access_whitelist,
>     check_recipient_access hash:/etc/postfix/recipient_access_blacklist,
> 
> 
> 
> I checked the config and found that the lines did not end with a comma.
> As soon as I added it, the access rule started working and mails were 
> redirected (i changed REJECT to REDIRECT)

What program are you using to edit main.cf?

Wietse


Re: MX vs A records (SOLVED)

2012-10-22 Thread Noel Jones
On 10/22/2012 8:39 AM, Tom Kinghorn wrote:
> On 22/10/2012 15:32, Reindl Harald wrote:
>>
>> Am 22.10.2012 15:29, schrieb Tom Kinghorn:
>>>
>>> On 18/10/2012 14:41, Noel Jones wrote:
>>>> On 10/18/2012 5:04 AM, Tom Kinghorn wrote:
>>>>> DO NOT send debug log files unless specifically requested.  Normal
>>>>> log files are sufficient.
>>>>>
>>>>> And a friendly reminder that splitting required troubleshooting info
>>>>> up between multiple messages greatly reduces the chance of getting help.
>>>>>
>>>>> -- Noel Jones
>>>>>
>>> Hi List.
>>> Just to let you know that i had a typo in the main.cf which is
>>> why this was not working.
>>>
>>> Thanks to all who replied.
>> it would be nice having at the end of the thread the example config
>> with corrected typo to help others who find this in the
>> archives!
>>
> apologies.
> 
> 
> smtpd_recipient_restrictions =
>     check_recipient_ns_access hash:/etc/postfix/recipient_nameserver_host,
>     check_recipient_access hash:/etc/postfix/recipient_access_whitelist,
>     check_recipient_access hash:/etc/postfix/recipient_access_blacklist,
> 
> 
> 
> I checked the config and found that the lines did not end with a comma.
> As soon as I added it, the access rule started working and mails
> were redirected (i changed REJECT to REDIRECT)

FALSE.  The commas are not required; adding them should have no
effect.

Maybe there was some garbage in the file that got removed when you
edited it, or maybe you're using some non-text editor that screws up
the line endings.




  -- Noel Jones


Re: MX vs A records (SOLVED)

2012-10-22 Thread Tom Kinghorn

On 22/10/2012 15:51, Wietse Venema wrote:
> Tom Kinghorn:
>>> it would be nice having at the end of the thread the example config
>>> with corrected typo to help others who find this in the archives!
>>>
>> apologies.
>>
>> smtpd_recipient_restrictions =
>>     check_recipient_ns_access hash:/etc/postfix/recipient_nameserver_host,
>>     check_recipient_access hash:/etc/postfix/recipient_access_whitelist,
>>     check_recipient_access hash:/etc/postfix/recipient_access_blacklist,
>>
>> I checked the config and found that the lines did not end with a comma.
>> As soon as I added it, the access rule started working and mails were
>> redirected (i changed REJECT to REDIRECT)
>
> What program are you using to edit main.cf?
>
> Wietse


Hi Wietse.
This was an "inherited" system as the previous admin was laid-off.

As far as I know, they used VI (as do i, however i used vim)

thx
Tom


Re: MX vs A records (SOLVED)

2012-10-22 Thread Tom Kinghorn

On 22/10/2012 15:55, Noel Jones wrote:
> On 10/22/2012 8:39 AM, Tom Kinghorn wrote:
>> On 22/10/2012 15:32, Reindl Harald wrote:
>>> Am 22.10.2012 15:29, schrieb Tom Kinghorn:
>>>> On 18/10/2012 14:41, Noel Jones wrote:
>>>>> On 10/18/2012 5:04 AM, Tom Kinghorn wrote:
>>>>>> DO NOT send debug log files unless specifically requested.  Normal
>>>>>> log files are sufficient.
>>>>>>
>>>>>> And a friendly reminder that splitting required troubleshooting info
>>>>>> up between multiple messages greatly reduces the chance of getting help.
>>>>>>
>>>>>> -- Noel Jones
>>>>
>>>> Hi List.
>>>> Just to let you know that i had a typo in the main.cf which is
>>>> why this was not working.
>>>>
>>>> Thanks to all who replied.
>>>
>>> it would be nice having at the end of the thread the example config
>>> with corrected typo to help others who find this in the
>>> archives!
>>
>> apologies.
>>
>> smtpd_recipient_restrictions =
>>     check_recipient_ns_access hash:/etc/postfix/recipient_nameserver_host,
>>     check_recipient_access hash:/etc/postfix/recipient_access_whitelist,
>>     check_recipient_access hash:/etc/postfix/recipient_access_blacklist,
>>
>> I checked the config and found that the lines did not end with a comma.
>> As soon as I added it, the access rule started working and mails
>> were redirected (i changed REJECT to REDIRECT)
>
> FALSE.  The commas are not required; adding them should have no
> effect.
>
> Maybe there was some garbage in the file that got removed when you
> edited it, or maybe you're using some non-text editor that screws up
> the line endings.
>
>   -- Noel Jones


Thanks for the info.

I merely posted what was done and the result.

I am grateful to know they are not required,


Re: MX vs A records (SOLVED)

2012-10-22 Thread Wietse Venema
Tom Kinghorn:
> >> I checked the config and found that the lines did not end with a comma.
> >> As soon as I added it, the access rule started working and mails were
> >> redirected (i changed REJECT to REDIRECT)
> > What program are you using to edit main.cf?

> Hi Wietse.
> This was an "inherited" system as the previous admin was laid-off.
> 
> As far as I know, they used VI (as do i, however i used vim)

I suspect there was garbage at the end of lines. Postfix logs
warnings in the maillog file when smtpd_xxx_restrictions contains
unrecognized content.

Wietse
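
Added example, not part of the thread and not Postfix code: a small Python checker that splits a restriction list on commas and whitespace, as postconf(5) documents, to show why trailing commas change nothing and how end-of-line garbage or a lost line break produces unrecognized content. The sample values are constructed from the paths in Tom's posts; the name lists and the "fused" heuristic are assumptions limited to the restrictions that appear in this thread.

```python
import re

# postconf(5): restrictions are "separated by commas and/or whitespace",
# so a trailing comma and a plain line break are equivalent separators.
# ASCII only on purpose: a non-breaking space is NOT a separator.
SEPARATORS = re.compile(r"[, \t\r\n]+")

# Assumption: only the restriction names used in this thread are listed.
TAKES_TABLE = {
    "check_recipient_access", "check_recipient_ns_access",
    "check_sender_access", "check_sender_ns_access",
    "check_client_access", "check_helo_access",
}
STANDALONE = {
    "reject_non_fqdn_recipient", "reject_unknown_recipient_domain",
    "reject_unverified_recipient", "reject_unauth_pipelining",
    "permit_mynetworks", "permit_sasl_authenticated", "permit", "reject",
}
MODIFIERS = {"warn_if_reject"}
TABLE_ARG = re.compile(r"^[a-z0-9_]+:\S+$")  # type:table, e.g. hash:/path


def tokenize(value):
    """Split a restriction list on commas and ASCII whitespace."""
    return [tok for tok in SEPARATORS.split(value) if tok]


def has_garbage(tok):
    """True if the token carries non-ASCII or control characters."""
    return not tok.isascii() or not tok.isprintable()


def lint_restrictions(value):
    """Return (token, problem) pairs for one restriction list value."""
    problems = []
    tokens = tokenize(value)
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        i += 1
        if has_garbage(tok):
            problems.append((tok, "non-ASCII or control character"))
        elif tok in TAKES_TABLE:
            arg = tokens[i] if i < len(tokens) else ""
            if has_garbage(arg) or not TABLE_ARG.match(arg):
                problems.append((tok, "missing type:table argument"))
                continue  # the next token is examined on its own
            i += 1
            # Heuristic: a table path ending in a restriction name usually
            # means the separator between two entries was lost.
            if any(arg.endswith(name) for name in TAKES_TABLE):
                problems.append((arg, "restriction name fused onto table path"))
        elif tok not in STANDALONE and tok not in MODIFIERS:
            problems.append((tok, "unrecognized restriction"))
    return problems


# Constructed samples built from the table paths quoted in the thread.
WITH_COMMAS = """
    check_recipient_ns_access hash:/etc/postfix/recipient_nameserver_host,
    check_recipient_access hash:/etc/postfix/recipient_access_whitelist,
    check_recipient_access hash:/etc/postfix/recipient_access_blacklist,
    reject_non_fqdn_recipient, reject_unknown_recipient_domain,
    permit_mynetworks, permit_sasl_authenticated, reject
"""
WITHOUT_COMMAS = WITH_COMMAS.replace(",", "")
# Line break lost between the first table path and the next restriction.
FUSED = ("check_recipient_ns_access "
         "hash:/etc/postfix/recipient_nameserver_hostcheck_recipient_access "
         "hash:/etc/postfix/recipient_access_whitelist reject")
# Invisible non-breaking space left at the end of a token.
NBSP = "permit_mynetworks\u00a0 permit_sasl_authenticated reject"

if __name__ == "__main__":
    for name in ("WITH_COMMAS", "WITHOUT_COMMAS", "FUSED", "NBSP"):
        print(name, lint_restrictions(globals()[name]))
```
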


Re: MX vs A records (SOLVED)

2012-10-22 Thread Tom Kinghorn

On 22/10/2012 16:09, Wietse Venema wrote:
> Tom Kinghorn:
>
> I suspect there was garbage at the end of lines. Postfix logs
> warnings in the maillog file when smtpd_xxx_restrictions contains
> unrecognized content.
>
> Wietse


Thanks for the response Wietse.

Thanks to all who helped.

regards
Tom


Re: MX vs A records (postconf attached)

2012-10-18 Thread Jerry
On Thu, 18 Oct 2012 12:04:37 +0200
Tom Kinghorn articulated:

{SNIP}

> I had the debug included but the list admin bounced it due to max 
> characters exceeded.
> I will resend it to the list.

While you are at it, could you lose the urge to send posts in HTML
format. "GMail" is perfectly capable of sending in plain text format.

Thank you!

-- 
Jerry ✌
postfix-u...@seibercom.net


Re: MX vs A records (postconf attached)

2012-10-18 Thread Tom Kinghorn

On 18/10/2012 12:55, Jerry wrote:
> On Thu, 18 Oct 2012 12:04:37 +0200
> Tom Kinghorn articulated:
>
> While you are at it, could you lose the urge to send posts in HTML
> format. "GMail" is perfectly capable of sending in plain text format.
>
> Thank you!


Formatting changed.

Apologies.


Fwd: Re: MX vs A records (postconf attached)

2012-10-18 Thread Tom Kinghorn


On 17/10/2012 15:18, Noel Jones wrote:
> Show "postconf -n" and the postfix logs of your test.
>
>   -- Noel Jones

Hi Noel.

I guess I should have done that at the start, my apologies.

Just an update.

when doing a test via the CLI, it seems to work.
So I am guessing a permit statement further down is causing the problem.

I have attached a "postconf -n".

I had the debug included but the list admin bounced it due to max 
characters exceeded.

I will resend it to the list.

Thanks
Tom





anvil_rate_time_unit = 20s
bounce_queue_lifetime = 24h
broken_sasl_auth_clients = yes
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
debug_peer_level = 5
debug_peer_list = 10.113.131.23
default_destination_recipient_limit = 20
default_process_limit = 3000
defer_transports = 
delay_warning_time = 1d
disable_vrfy_command = yes
fast_flush_domains = vodamail.co.za
header_checks = regexp:/etc/postfix/regexp
html_directory = /usr/share/doc/packages/postfix/html
inet_interfaces = all
local_recipient_maps = $virtual_mailbox_maps
local_transport = virtual
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains = 
masquerade_exceptions = root
maximal_backoff_time = 4000s
maximal_queue_lifetime = 24h
message_size_limit = 27648000
mydestination = $myhostname, $mydomain
mydomain = vodamail.co.za
mynetworks = $config_directory/mynetworks
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
proxy_read_maps = proxy:ldap:/etc/postfix/ldap-sasl-password.cf,
proxy:ldap:/etc/postfix/ldap-mailbox.cf,
proxy:ldap:/etc/postfix/ldap-alias.cf,  proxy:ldap:/etc/postfix/ldap-mailhost.cf
qmgr_message_active_limit = 21000
qmgr_message_recipient_limit = 21000
queue_directory = /vodamail/queues
queue_run_delay = 1000s
readme_directory = /usr/share/doc/packages/postfix/README_FILES
recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
relay_domains = 
relayhost = [relay1.vodamail.internal]
sample_directory = /usr/share/doc/packages/postfix/samples
sender_bcc_maps = hash:/etc/postfix/sender_bcc
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_connect_timeout = 45s
smtp_data_xfer_timeout = 360s
smtp_generic_maps = hash:/etc/postfix/generic
smtp_helo_name = vodamail.co.za
smtp_host_lookup = native,dns
smtp_sasl_auth_enable = yes
smtp_sasl_mechanism_filter = plain login
smtp_sasl_password_maps = proxy:ldap:/etc/postfix/ldap-sasl-password.cf
smtp_tls_session_cache_timeout = 3600s
smtp_use_tls = no
smtpd_banner = Welcome to $myhostname ESMTP
smtpd_client_connection_count_limit = 20
smtpd_client_connection_rate_limit = 20
smtpd_client_event_limit_exceptions = 
127.0.0.1,196.11.146.71,10.114.23.77,10.113.169.0/24
smtpd_client_message_rate_limit = 30
smtpd_client_restrictions = check_client_access 
hash:/etc/postfix/client_access,permit_mynetworks,  
permit_sasl_authenticated,  permit_auth_destination,
check_client_access regexp:/etc/postfix/fqrdns.regexp,  permit
smtpd_helo_required = yes
smtpd_helo_restrictions = check_helo_access hash:/etc/postfix/helo_access,  
permit_mynetworks,  warn_if_reject reject_non_fqdn_hostname,permit
smtpd_recipient_limit = 25
smtpd_recipient_restrictions = check_recipient_ns_access 
hash:/etc/postfix/recipient_nameserver_hostcheck_recipient_access 
hash:/etc/postfix/recipient_access_whitelist check_recipient_access 
hash:/etc/postfix/recipient_access_blacklist warn_if_reject 
reject_unverified_recipient, reject_unauth_pipelining,   
reject_non_fqdn_recipient,  reject_unknown_recipient_domain,
permit_mynetworks,permit_sasl_authenticated,reject
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_exceptions_networks = $mynetworks
smtpd_sasl_local_domain = 
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = check_client_access 
hash:/etc/postfix/client_access,check_sender_access 
regexp:/etc/postfix/regex_sender_admin, check_sender_access 
hash:/etc/postfix/sender_alias_whitelist,   check_sender_access 
hash:/etc/postfix/sender_access_whitelist,  check_sender_access 
hash:/etc/postfix/sender_access_blacklist,  check_sender_access 
regexp:/etc/postfix/regex_sender_access_blacklist,  warn_if_reject 
reject_non_fqdn_sender,  reject_unknown_sender_domain,   permit
smtpd_timeout = 120s
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_use_tls = no
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/relay_transport, 
proxy:ldap:/etc/postfix/ldap-mailhost.cf
unknown_local_recipi

Re: Fwd: Re: MX vs A records (postconf attached)

2012-10-18 Thread Noel Jones
On 10/18/2012 5:04 AM, Tom Kinghorn wrote:
> I had the debug included but the list admin bounced it due to max
> characters exceeded.
> I will resend it to the list


DO NOT send debug log files unless specifically requested.  Normal
log files are sufficient.


And a friendly reminder that splitting required troubleshooting info
up between multiple messages greatly reduces the chance of getting help.

  -- Noel Jones


Re: Fwd: Re: MX vs A records (postconf attached)

2012-10-18 Thread Tom Kinghorn

On 18/10/2012 14:41, Noel Jones wrote:
> On 10/18/2012 5:04 AM, Tom Kinghorn wrote:
>
> DO NOT send debug log files unless specifically requested.  Normal
> log files are sufficient.
>
> And a friendly reminder that splitting required troubleshooting info
> up between multiple messages greatly reduces the chance of getting help.
>
>   -- Noel Jones


Noted.



Fwd: Re: Fwd: Re: MX vs A records (SOLVED)

2012-10-22 Thread Tom Kinghorn



On 18/10/2012 14:41, Noel Jones wrote:
> On 10/18/2012 5:04 AM, Tom Kinghorn wrote:
>
> DO NOT send debug log files unless specifically requested.  Normal
> log files are sufficient.
>
> And a friendly reminder that splitting required troubleshooting info
> up between multiple messages greatly reduces the chance of getting help.
>
>   -- Noel Jones



Hi List.
Just to let you know that i had a typo in the main.cf which is why this was not 
working.

Thanks to all who replied.

Regards
Tom