Re: Postfix 2.6 changelog ?
* ram : > The docs at http://www.postfix.org mention several features available in > postfix 2.6(experimental). > > Where is the complete changelog of postfix 2.6 available ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/*.HISTORY -- Ralf Hildebrandt (ralf.hildebra...@charite.de) snick...@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de Penguins are knocking at the door. Check your winter equipment, Bill
Re: IP address of internal sender
* mxc : > > Hi all, > > It looks like there is a machine on the network that is infected with a bot > of some kind and it is sending spam through our smtp server. It passes all > the smtp restriction and checks so it doesn't bounce and is fillinh up our > queues. I can't seem to see in the maillog which IP address these messages > are originating from. Is there some way to tell which internal ip address > they are being sent from? Yes, look at the received: headers in the queuefiles. postcat -q ID | less -- Ralf Hildebrandt (ralf.hildebra...@charite.de) snick...@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de Having been erased, The document you're seeking Must now be retyped.
postfix-2.6-20090224-nonprod doesn't build
... but then I didn't read the INSTALL document to see if something changed fundamentally... The error is: [src/postmulti] gcc -Wmissing-prototypes -Wformat -Wl,--as-needed -DUSE_TLS -DHAS_PCRE -DHAS_CDB -DSNAPSHOT -DNONPROD -g -O -I. -I../../include -DLINUX2 -c postmulti.c postmulti.c:426: error: static declaration of 'var_multi_start_cmds' follows non-static declaration ../../include/mail_params.h:3098: error: previous declaration of 'var_multi_start_cmds' was here postmulti.c:427: error: static declaration of 'var_multi_stop_cmds' follows non-static declaration ../../include/mail_params.h:3102: error: previous declaration of 'var_multi_stop_cmds' was here postmulti.c:428: error: static declaration of 'var_multi_cntrl_cmds' follows non-static declaration ../../include/mail_params.h:3106: error: previous declaration of 'var_multi_cntrl_cmds' was here make: *** [postmulti.o] Fehler 1 make: *** [update] Fehler 1 -- Ralf Hildebrandt (ralf.hildebra...@charite.de) snick...@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de Nothing is faster than the speed of light. To prove this to yourself, try opening the refrigerator door before the light comes on.
Re: postfix-2.6-20090224-nonprod doesn't build
* Ralf Hildebrandt : > ... but then I didn't read the INSTALL document to see if something > changed fundamentally... Read it now. No :) I also tried 20090222 and 20090223, to no avail -- Ralf Hildebrandt (ralf.hildebra...@charite.de) snick...@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de Serious error. All shortcuts have disappeared. Screen. Mind. Both are blank.
Re: postfix-2.6-20090224-nonprod doesn't build
* Wietse Venema : > > gcc -Wmissing-prototypes -Wformat -Wl,--as-needed -DUSE_TLS -DHAS_PCRE > > -DHAS_CDB -DSNAPSHOT -DNONPROD -g -O -I. -I../../include -DLINUX2 -c > > postmulti.c > Look at the lines in the code and remove the word "static". Done. It works now. > BTW, you are overriding the compiler options (-Wl,--as-needed) > and so you are taking chances. Yes, but I also tried without those (of course, just to make sure) I've been using these options for quite some time now, it seems to have no ill effects, except for making the binaries smaller. http://www.gentoo.org/proj/en/qa/asneeded.xml -- Ralf Hildebrandt (ralf.hildebra...@charite.de) snick...@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de OpenVMS is today what Microsoft wants Windows NT v8.0 to be!
Re: sending email with Gnus
* LuKreme : > Postfix does not 'support' TLS at all. I wouldn't say it that way. STARTTLS looks like TLS support, if you ask me > It should work with Gnu TLS as well as with any other TLS library. As far as I knwo it doesn't :) -- Ralf Hildebrandt (ralf.hildebra...@charite.de) snick...@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de The opposite of increment is excrement. -- Seen on Usenet, so it must be true.
Re: sending email with Gnus
* Wietse Venema : > A couple years ago, Gnu TLS would exit the program (exit status 2) > instead of reporting an error to Postfix, so that Postfix could > switch to plaintext where appropriate. > > http://www.postfix.org/TLS_README.html#build_tls Should I retry a build with GNUTLS? -- Ralf Hildebrandt (ralf.hildebra...@charite.de) snick...@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
Re: Trouble sending mail to a piped alias
* Kirk Strauser : > I'm trying to allow users to reply to Bugzilla emails, but I'm having trouble > getting Postfix to execute the command that > handles this. The proper alias is defined: > > $ postconf | grep ^alias_maps > alias_maps = hash:/etc/aliases, hash:/usr/local/mailman/data/aliases > $ grep bugzilla-daemon /etc/aliases > bugzilla-daemon:"| /usr/local/www/data/bugzilla/email_in.pl" > > The program exists and works when tested on a local file: > > $ ls /usr/local/www/data/bugzilla/email_in.pl > /usr/local/www/data/bugzilla/email_in.pl > $ sudo /usr/local/www/data/bugzilla/email_in.pl < /tmp/bugtest > $ > > However, when I sent mail to that alias, I get: > > Mar 4 09:46:31 web2 postfix/qmgr[58081]: DC2E855E59D: from=, > size=305, nrcpt=1 (queue > active) > Mar 4 09:46:31 web2 local[61974]: fatal: execvp > /usr/local/www/data/bugzilla/email_in.pl: No such file or directory > Mar 4 09:46:31 web2 postfix/local[61973]: DC2E855E59D: > to=, relay=local, delay=1126, > delays=1126/0.01/0/0.04, dsn=4.3.0, status=deferred (temporary failure. > Command output: local: fatal: execvp > /usr/local/www/data/bugzilla/email_in.pl: No such file or directory ) Did you maybe chroot local? -- Ralf Hildebrandt (ralf.hildebra...@charite.de) snick...@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de "I rigged my cellular to send a message to my PDA, which is online with my PC, to get it to activate the voicemail, which sends the message to the inbox of my email, which routes it to the PDA, which beams it back to the cellular. Then I realized my gadgets have a better social life than I do." !" - Tom Ostad.
Re: relayhost
* Rocco Scappatura : > Hello, > > I need to use 'mail()' PHP function on a UNIX system, which uses Postfix > as MTA. > > On Linux systems, mail() function use the 'sendmail' program to transmit > messages. And so, my PHP program uses postfix setup to transmit the > messages. In particular, it looks up DNS for MX of destination domain an > forward it to the correct destination. > > Now I have the problem, that indeed I need that some messages have to be > forwarded directly to the destination, while the ones generated by my > mail application should be sent trhough a smart host (setting up > relayhost=smart.host.tld). > > How could I do? Is it possible to change the "relayhost" postfix > parameter on the fly? Or what? Why not use transport_maps? -- Ralf Hildebrandt (ralf.hildebra...@charite.de) snick...@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de It's mathematical: (uNsTable - NT) = usable.
Re: relayhost
* Ralf Hildebrandt : > * Rocco Scappatura : > > Hello, > > > > I need to use 'mail()' PHP function on a UNIX system, which uses Postfix > > as MTA. > > > > On Linux systems, mail() function use the 'sendmail' program to transmit > > messages. And so, my PHP program uses postfix setup to transmit the > > messages. In particular, it looks up DNS for MX of destination domain an > > forward it to the correct destination. > > > > Now I have the problem, that indeed I need that some messages have to be > > forwarded directly to the destination, while the ones generated by my > > mail application should be sent trhough a smart host (setting up > > relayhost=smart.host.tld). > > > > How could I do? Is it possible to change the "relayhost" postfix > > parameter on the fly? Or what? > > Why not use transport_maps? Ugh, discard my answer :) -- Ralf Hildebrandt (ralf.hildebra...@charite.de) snick...@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de
Re: Ubuntu, dynamicmaps?
* Victor Duchovni : > No, it is a fine Postfix port. There is no reason to avoid it. Indeed! > The dynamic tables make it easy to add additional table types without > re-installing Postfix or building a Postfix that supports all possible > table types. This Postfix is at least as good as that on other Linux > systems. Actually, it's better. On some distros I found Postfix packages that didn't have LDAP (or was it mysql?) support... -- Ralf Hildebrandt (ralf.hildebra...@charite.de) snick...@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de Remember - if all you have is an axe, every problem looks like hours of fun.
Re: Ubuntu, dynamicmaps?
* KLaM Postmaster : > From the replies that I have received so far, I get the impression that > while no one has anything bad to say about the Ubuntu implementation of > Postfix, nobody is very enthusiastic. Well, it works OK and doesn't generate any problems. For me. -- Ralf Hildebrandt (ralf.hildebra...@charite.de) snick...@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de Microsoft DNS service terminates abnormally when it receives a response to a dns query that was never made. Fix information: run your DNS service on a different platform. -- bugtraq
Re: Ubuntu, dynamicmaps?
* Barney Desmond : > Bingo, RHEL5 comes with Postfix 2.3.3 and doesn't have support for > mysql/pgsql tables - which are kinda popular, y'know. E in RHEL5 stands for "except *sql", not "enterprise" -- Ralf Hildebrandt (ralf.hildebra...@charite.de) snick...@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de Three things are certain: Death, taxes and lost data. Guess which has occurred.
Re: message may be sent more than once
* K bharathan : > Mar 18 17:25:19 relay2 postfix/smtp[21383]: 5470B21265: > to=<41b.4.74998426-6452...@whereverstormy.com>, relay= > mail.WhereverStormy.com[173.46.193.75]:25, delay=418568, > delays=418439/0.46/4.7/123, dsn=4.4.2, status=deferred (lost connection with > mail.WhereverStormy.com[173.46.193.75] while sending end of data -- message > may be sent more than once) > > the above is from my relay; > "while sending end of data -- message may be sent more than once)" what does > this mean? It means that the connection to mail.WhereverStormy.com has been lost while sending end of data and THUS the message may be sent more than once (it may have been sent now, but Postfix didn't get a confirmation, thus Postfix will resend) -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." -- Jeremy S. Anderson
Re: Question about anvil settings
* LuKreme : > I was looking at the default levels for anvil and unless I am > misunderstanding (likely) they seem really high. > >smtpd_client_connection_count_limit (default: 50) >The maximum number of connections that an SMTP client >may make simultaneously. > > So, a single client can open up *50* simultaneous smtp connections? Yes. >smtpd_client_connection_rate_limit (default: no limit) >The maximum number of connections that an SMTP client may >make in the time interval specified with >anvil_rate_time_unit (default: 60s). > > And can do so every single second? Yes. > My server is pretty light weight, and I don't tend to get too many floods > of spammers, but are these defaults reasonable to mitigate the damage that > a flood might do? Are these defaults anything a normal user is ever going > to hit? I usually set things differently. default_process_limit = 800 smtpd_client_connection_rate_limit = 40 smtpd_client_connection_count_limit = 16 anvil_rate_time_unit = 60s -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Da wir bestrebt sind die Prozesse und die Produkte ständig zu verbessern, haben wir festgestellt, daß Betonschwimmwesten mit Stahlarmierung noch viel widerstandsfähiger sind.
Re: Performance tuning
* Brandon Hilkert : > We send out a pretty volume of emails right now using a combination of > SQL and IIS SMTP. We get rates now of about 5,000/min. We're looking to > not only improve the rates, but incorporate DKIM/Domainkey signing into > the process. The choice has been made to go with postfix along with a > queue directory on an XFS file system. You can check if the disk I/O is the bottleneck by simply putting the queue fs in a RAM disk! > I'm using postfix as a relay, and having it sign the outgoing emails > with DKIM. That process was about twice as slow as without it. Without > DKIM, I'm getting a rate of 700/min. Signing takes time! htop will tell you IO rates and CPU usage... -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de "Windows 95 /n./ 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor, written by a 2 bit company that can't stand 1 bit of competition."
Re: Performance tuning
* Brandon Hilkert : > Is a simple ext3 partition usually the recommend file system? Yes -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de "C makes it easy to shoot yourself in the foot. C++ makes it harder, but when you do, it blows away your whole leg." -- Bjarne Stroustrup
Re: Performance tuning
* Brandon Hilkert : > Sorry if this is a stupid question, but how do I go about this. I tried: > > mkdir /ram > mount -t ramfs none /ram YOu need to stop postfix first You need to make sure postfix users /ram as queue_directory I'd rather mount things differently (tmpfs on Linux), directly "over" /var/spool/postfix > and when I send a mail, postfix says there's not enough space in the > queue. Should I be doing it a different way? Yes, it need to be LARGE enough :) -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Official postfix-users mantra: post FULL log information when asking questions, since most of us have no ESP abilities.
Re: Performance tuning
* Brandon Hilkert : > I was able to get it to mount to tmpfs and it showed no change in > performance, so that would theoretcially rule out any existing disk issue > right? You said ext3 was faster, thus I think your ramfs test was flawed. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de In our world, software has to be small, has to be debugged, has to ship as part of a major initiative, has to avoid compatibility problems, has to avoid end user calls. Bill Gates
Re: Performance tuning
* Brandon Hilkert : >> You said ext3 was faster, thus I think your ramfs test was flawed. >> > > I was able to mount it to a tmpfs partition. There was no change in > throughput with my script on a tmpfs vs ext3 drive. > > So that would mean my disk is not a contribution factor right? Probably. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de
Re: Performance tuning
* Brandon Hilkert : > any thoughts on how to mount the ramfs to get a true test of running the > queue in memory? In /etc/fstab: /dev/shm /var/spool/postfix tmpfs defaults,size=300m,mode=770,uid=0,gid=0 0 0 -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Wenn Unternehmen Lehrstühle spenden, dann frage ich mich, ob die nicht zu wenig Steuern zahlen, denn früher hätte der Staat davon den Lehrstuhl gestellt.
Re: broken_sasl_auth_clients?
* Victor Duchovni : > On Wed, Jan 21, 2009 at 10:34:01AM +0100, Patrick Ben Koetter wrote: > > > * Ralf Hildebrandt : > > > With today's clients, is broken_sasl_auth_clients = yes > > > still required? Which clients require it anyway? > > > > Outlook 2000 to 2003 > > Outlook Express ? to 6 > > > > Haven't checked Outlook 2007 yet. > > A user of mine will be testing that shortly, I'll let you know what we > find. So what did you find :) ? -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de "If you put a billion monkeys in front of a billion typewriters typing at random, they would reproduce the entire collected works of Usenet in about ... five minutes." -Anon.
Re: bounce the permanent error messages in queue
* Tony Liu : > Any thoughts on how to bounce the following permanent messages > immediately without being in queue for a long time(for example in queue > 5 days)? I can't do it by setting maximal_queue_lifetime and > bounce_queue_lifetime for there any other messages need to be sent > again. use transpot_maps with: hanting.com error:hanting.com does not accept mail > --- > 37EDD42451217922 Mon Mar 16 17:48:37 hantingc...@gmail.easeye.com.cn > (delivery temporarily suspended: Host or domain name not found. Name service > error for name=hanting.com type=MX: Host not found, try again) > 13806468...@hanting.com > -- > > Thanks in advance. > > Tony. > > -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de One morning I shot an elephant in my pyjamas. How he got into my pyjamas I'll never know. - Groucho Marx
Re: Performance tuning
* Brandon Hilkert : >> In /etc/fstab: >> >> /dev/shm /var/spool/postfix tmpfs >> defaults,size=300m,mode=770,uid=0,gid=0 0 0 >> > > So tmpfs does use the ram ? Yep -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de If JavaScript is walking alone late at night through a bad part of town with a pocket full of $20 bills, ActiveX is dropping your trousers in the middle of the yard of a maximum-security prison, bending over, and yelling 'Come and get it, boys!'
Re: How to index maildir
* Jeff Huang : > Hi,my mailserver is postfix and the mailbox is set to /Maildir. > But I found if there are too many email in maildir,the imap is very slow. Which IMAP server are you using? If it's courier, switch to dovecot -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de I'm not insane, just an ISP. Although people may consider that to be a mark of an insane person!
Re: How to index maildir
* Jeff Huang : > OK,Thanks. > > I'll try cyrus imap. You can't. It doesn't use Maildir. Use dovecot. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Program aborting: Close all that you have worked on. You ask far too much.
Re: How to index maildir
* Charles Marcus : > On 3/21/2009, Jeff Huang (jbhu...@scut.edu.cn) wrote: > > OK,Thanks. > > > > I'll try cyrus imap. > > > > Now I use Courier-imap as my imap/pop3 server. > > You'd be much better off trying dovecot, unless you need something > specific that cyrus provides and dovecot does not. But then he wouldn't be using courier now :) -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de cc:Mail SMTPLINK: A 5 year old child left in charge of a large sorting office. Can't reach over the counter properly, can't handle more than one letter at once and has to go looking for a grownup whenever it wants to deliver to mail to other towns. Often opens parcels to look for shiny things inside then just delivers the wrapping paper onwards.
Re: Am I a backscattered email source?
* Ivan Ricotti : > smtpd_recipient_restrictions = > reject_invalid_hostname, > reject_non_fqdn_sender, > reject_non_fqdn_recipient, > reject_unknown_sender_domain, > reject_unknown_recipient_domain, > reject_unauth_pipelining, > permit_mynetworks, > reject_unauth_destination, > reject_rbl_client bl.spamcop.net, > reject_rbl_client cbl.abuseat.org, > reject_rbl_client sbl.spamhaus.org, > permit reject_rbl_client cbl.abuseat.org, reject_rbl_client sbl.spamhaus.org, can be merged into: reject_rbl_client zen.spanhaus.org > Now in my /var/log/mail.info I have a lot of lines like this: > > Mar 25 11:35:10 athene postfix/smtpd[24933]: NOQUEUE: reject: RCPT from > unknown[92.101.112.32]: 554 5.7.1 Service unavailable; Client host > [92.101.112.32] blocked using bl.spamcop.net; Blocked - see > http://www.spamcop.net/bl.shtml?92.101.112.32; > from= to= > proto=SMTP helo= > > Good! I thougth, then I read this help on the postfix documentation page: > > What is backscatter mail? > > When a spammer or worm sends mail with forged sender addresses, > innocent sites are flooded with undeliverable mail notifications. This > is called backscatter mail. With Postfix, you know that you're a > backscatter victim when your logfile goes on and on like this: > > Dec 4 04:30:09 hostname postfix/smtpd[58549]: NOQUEUE: reject: > RCPT from xxx[x.x.x.x]: 550 5.1.1 : > Recipient address rejected: User unknown; from=<> > to= proto=ESMTP helo= > > What you see are lots of "user unknown" errors with "from=<>". These > are error reports from MAILER-DAEMONs elsewhere on the Internet. > > --- > > Now I fear to be source of backscatter emails. Is that my case? No. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de I have never seen anything fill up a vacuum so fast and still suck. -- Rob Pike, commenting on the X Window System.
Re: Am I a backscattered email source?
* Ivan Ricotti : > >> Mar 25 11:35:10 athene postfix/smtpd[24933]: NOQUEUE: reject: RCPT from > >> unknown[92.101.112.32]: 554 5.7.1 Service unavailable; Client host > >> [92.101.112.32] blocked using bl.spamcop.net; Blocked - see > >> http://www.spamcop.net/bl.shtml?92.101.112.32; > >> from= to= > >> proto=SMTP helo= > >> > >> Now I fear to be source of backscatter emails. Is that my case? > > > > No. > > > > Wow! That's a very good news! > Could I ask you why? What I missed? You're just rejecting the mail, not accepting it. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de So unleash your nmap-from-hell and beware, you may tickle an obscure bug in an ancient box hand-built by Seymour Cray himself, the only one of its kind ever made, whose sole user pays the salaries of everyone you ever met in the entire time you worked at the company, with money he makes with an investment strategy hand-coded in assembler for this special machine, by an analytic wizard who has since died.
Re: my mailserver has been blacklisted
* Ivan Ricotti : > check_sender_access hash:/etc/postfix/backscatter, What's in here? -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Real programmers never work 9 to 5. If any real programmers are around at 9 am, it's because they were up all night.
Re: postmaster@ and spam
* LuKreme : > On 26-Mar-2009, at 18:06, Sahil Tandon wrote: >> On Thu, 26 Mar 2009, LuKreme wrote: >> >>> I have in my postffix helo checks, perhaps a bad idea, >>> >>> [some checks up here that reject] >>> /^postmaster\@/ OK >>> /^abuse\@/ OK >> >> Why do these email address patterns appear in a HELO access(5) map? > > Because 9 years ago or so it is what I was told to do. On this list, I'm > pretty sure. In HELO? -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de This is the crucial difference between fiction and real life: fiction must be plausible; real life has no such constraint. -- Kevin Kelly
Re: check_policy_service does not work as expected: protocol_state=RCPT, even under smtpd_client_restrictions
* mig : > Hello, > > I wrote a policy server (that do RBL checks and dynamically disable slow RBL > servers). I supposed the right place is the smptd_client_restrictions: > > smtpd_client_restrictions = > check_policy_service unix:/opt/mailfilter/client_restrictions > smtpd_helo_required = yes > smtpd_recipient_restrictions = >reject_invalid_hostname, >reject_unauth_pipelining, >reject_non_fqdn_sender, >reject_unknown_sender_domain, >reject_non_fqdn_recipient, >reject_unknown_recipient_domain, >permit_sasl_authenticated, >permit_mynetworks > > Unfortunatelly it doesn't work as expected. The policy is not executed when a > client connects, but on each RCPT TO. postconf |grep delay_reject -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Postfix: Something like a wisened old man sitting on the porch outside the postoffice. Looks at everyone who passes by with deep suspicion, but turns out to be friendly and helpful once he realises you're not there to rob the place.
Re: Logging Postfix Activity
* Marky Yehezkiel (SNC) : > Hi all, > I got info from courier imap mailing list that Dovecot able to answer what I > required. Yes > Is it true? Yes > Does anyone has try this? Yes -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Programmer /n./ A red-eyed, mumbling mammal capable of conversing with inanimate objects.
Re: Filter incoming emails by source IP but depending on destination domains
* Denis BUCHER : > Hello, > > I have a server with different domains on it. Some domains should only > receive emails from specific IP adresses (SPAM filtering) while other > domains should accept emails from all domains. > > How could I implement this ? smtpd_restriction_classes -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de The probability of someone watching you is proportional to the stupidity of your action.
Re: A better backscatter killer?
* Dennis Carr : > Looking at options here for eliminating backscatter. > > I've reviewed the Howto for this, but it only seems to be effective > against backscatter where one's home domain is forged - not too useful, > IMNSHO, because spammers aren't always going to forge the home domain. Uhhh, what else? Otherwise it wouldn't come "back" to you! -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Der Router unseres ISPs verliert dauernd Pakete. Was zum Geier nutzen die? Fisher Price, mein erster Router?
Re: A better backscatter killer?
* Dennis Carr : > One thing I've been looking at doing is basically checking headers, and > if the From: header is null, then reject it immediately. The From: header is never null, since it has From: MAILER-DAEMON in it > Other approach is to eliminate my 2ary MX from DNS - most of my spam > comes from that. I don't really want to do that, though, because the > idea of a 2ary MX is for a fallback. > > Thoughts? Apply constinstent rules and recipient verifisation on ALL your MX hosts. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de One of the main causes of the fall of the Roman Empire was that, lacking zero, they had no way to indicate successful termination of their C Programs.
Re: A better backscatter killer?
* MacShane, Tracy : > Then you won't receive some genuine messages, both bounce and > non-bounce. > > Try the ips.backscatterer.org RBL; it works well for us. > > http://www.mailinglistarchive.com/postfix-users@postfix.org/msg57402.html They are retarded. mail.charite.de is listed in it. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de MMDF: A jumped up mailroom boy with a chip on his shoulder. Loves the bureaucracy and takes great pride in stamping "illegal address" in red ink on any mail it passes. Unpacks all the mail and repacks it in his own special envelopes before delivery to end users.
Re: MAILS NOT GETTING REJECTED
* Ashwin Muni : > Hi > > I want to reject mails those which are not specified in virtual_alias_maps > Have tried > > smtpd_recipient_restrictions = > permit_mynetworks, > reject_unlisted_recipient > check_relay_domains > reject_unknown_recipient_domain, > check_sender_access hash:/etc/postfix/dbs/sender_access-accept > check_recipient_access hash:/etc/postfix/dbs/chk_rcpt_acc, > reject_unauth_destination Make that smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination reject_unlisted_recipient reject_unknown_recipient_domain, check_sender_access hash:/etc/postfix/dbs/sender_access-accept check_recipient_access hash:/etc/postfix/dbs/chk_rcpt_acc, > > But Still i am able to receive mail those not specfied in virtual_alias_maps > > [r...@localhost postfix]# telnet localhost 25 A test from localhost is not very smart, since it's in mynetworks (usually) -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de What is this "XP pro"? Does this make "XP" unprofessional?
Re: reject
* Martin Schiøtz : > Hi > > I have made a spamfilter server based on Postfix and MailScanner. I > wan't postfix to reject emails to email-addresses that does not exist > on our exchange server. I use a nice perl script that collects the > email-addresses from Exchange AD with LDAP. > > main.cf: > -- > transport_maps = hash:/etc/postfix/transport > relay_domains = example.com > > smtpd_recipient_restrictions = check_recipient_access > hash:/etc/postfix/recipient_access > reject No, use relay_recipient_maps -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de I wish you'd tell me what kind of systems they're using instead, because HP can't be doing much worse than Sun "would you like the compiler or internet options with that" Microsystems, or Silicon "hey be glad the support-contract number isn't a 1-900" Graphics. Then there's Digital "It sucks in 64 bits, you can't suck in 64 bits anywhere else" Equipment Corp (Did we mention it's 64 bits?).
What became of the "duplicate elimination attempt" (global dupfilter)
The subject says it all: What became of the global dupfilter? -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de The Tao that is seen Is not the true Tao-until You bring fresh toner.
Re: reject
* Martin Schiøtz : > Perfect - now postfix rejects with this reason: > > 550 550 5.1.1 : Recipient address rejected: > User unknown in relay recipient table (state 14). If you want less detail: show_user_unknown_table_name = no -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Nutze die Talente, die du hast. Die Wälder wären sehr still, wenn nur die begabtesten Vögel sängen.
Re: What became of the "duplicate elimination attempt" (global dupfilter)
* Wietse Venema : > Ralf Hildebrandt: > > The subject says it all: What became of the global dupfilter? > > None of the designs sofar has met Postfix quality standards. Thought so. Discussion about dupfiltering came up on the german list, so I thought I'd ask here. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de H�tte ich 10 Euro f�r jeden Analysten, der in 'Computerfragen' schon falsch lag - ich h�tte inzwischen meine Trauminsel mit halbnackten Frauen, viel Bier und ordentlich Mampfmampf.
Re: problems with smtpd_sender_restrictions and smtpd_client_restrictions
* deconya : > Hi list > > Im having problems with smtpd_sender_restrictions and > smtpd_client_restrictions options. Actually I have: > > smtpd_sender_restrictions = > reject_unknown_sender_domain, > check_sender_access hash:/etc/postfix/spammer, > reject_non_fqdn_sender > > smtpd_client_restrictions= ---> make that check_client_access hash:/etc/postfix/access, > remove thatreject_unauth_destination, >reject_unknown_client, >reject_rbl_client sbl.spamhaus.org Make that reject_rbl_client zen.spamhaus.org -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Die kuerzesten Computerwitze: 1) Muesste laufen.
Re: meaning of connect immediately followed by disconnect in mail log
* Victor Duchovni : > Firewall brain-damage? Does your server have ECN enabled, is > window-scaling on by default? I find that a public mail-server can > rarely afford to have modern TCP options enabled and still send/receive > mail to/from systems behind random vendor's firewall. Amen to that!!! -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Don't judge too fast! Some are gurus, but most of us mortals just read the documentation that comes with the TLS patch.-- Patrick Koetter
Re: Configurable replies for hardcoded REJECTS?
* Wietse Venema : > I don't think it is a good idea to tweak each individual reject > message. It makes perhaps more sense to append the same "for support > please (call xxx|see http://mumble/)" text to all reject messages. That was my proposal when he called me. > Of couse no-one ever reads such text, so it is mainly CYA stuff. I can confirm that :) -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de When asked68% of corporate execs said a corporation "Who owns the Internet?": 23% said it was Microsoft 98% of 6th graders said: no one.
Re: GNU mailutils maidag with postfix
* i...@comtek.co.uk : > Hi, > > I am using Postfix with the virtual agent to deliver to Maildirs for LDAP > users. We use > Courier IMAP to pick up mail. This all works fine, but I would like to > provide Sieve for > users. I have been looking at maidag > (http://www.gnu.org/software/mailutils/manual/html_node/maidag.html). Why not use dovecot instead? That way you have it all. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Deutschland: Kein Weltraum links auf dem Geraet. Pfeife zerbrochen.
Re: AUTH'ed SMTP query
* Richard Hobson : > Hi, > > I've followed some instructions on the web to get SMPT AUTH working in > Postfix, using saslauthd. > > My client authenticates fine via TLS using LINUX user account credentials, > and emails are relayed fine. However, when I test the connection, I don't > get any 250-AUTH lines: postconf -n output? -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Profanity is the one language all programmers know best.
Re: AUTH'ed SMTP query
* Richard Hobson : > > > http://www.postfix.org/TLS_README.html#server_tls_auth > > http://www.postfix.org/postconf.5.html#smtpd_tls_auth_only > > OK, I think I get it. I'm not seeing 250-AUTH, because I'm not connecting > via TLS (when doing a telnet to port 25)? Yes. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de This is supposed to be a happy occasion. Let's not bicker and argue about who killed who."-- From Monty Python's Holy Grail
Re: check sent messages
* Mark Van Crombrugge : > Last night a mail was sent to a group of recipients but it seems like > only a few persons received the message. > The command mailq says "Mail queue is empty, the mail logfile doesn't > show any errors. > > How can I check if a certain message was sent sent? Check the log > Is there a way to log every outbound message's From and To fields? These are not relevant for the delivery -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Yes, we have guns in the UK. It’s how our police kill foreign tourists. Think on that.
Re: NDR's Not being Delivered Until 5 Days have Lapsed
* wiskbr...@hotmail.com : > > > Hello; > > My users NDR's are not arriving until the 5 day retry period has lapsed, > creating issues whereby time critical emails are not getting out due to their > unawareness of this matter. Normal in certain cases (typoed domains, mostly). Why not use: delay_warning_time = 1h -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de The same people that tell you that a Linux program is as good as a WinNT program would also tell you it's better to wipe your ass with a belt sander instead of toilet paper. I can hear them now -- "It may not look as good but it's faster and does a more thorough job!
Re: NDR's Not being Delivered Until 5 Days have Lapsed
* wiskbr...@hotmail.com : > What about for "undeliverable address: unknown user:"? I set > delay_warning_time to 120m and after 2 hours never received any > warnings at all that my email was rejected due to being sent to an > undeliverable address, user unknown in this case. Logs? > Finally, prior to my change to delay_warning_time, postconf showed it > set to 0, which I suppose does *not* mean instantly? It means: do not warn at all -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de I hate microsoft with a passion. They suck. I irrationally loathe the company, their products, and everything they stand for.
Re: NDR's Not being Delivered Until 5 Days have Lapsed
* wiskbr...@hotmail.com : > Does this mean that if a remote site has this set to 450 that I will > keep trying for 5 days, or however long my "maximal_queue_lifetime" is > set for? Exactly. > What do I do in the case of misconfigured (are they?) MTA's? Wait 5 days. Or contact the idiot sysadmin on the receiving end. Oh, let me guess, they don't have a postmaster account or a proper WHOIS entry, either. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de "Windows 95 /n./ 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor, written by a 2 bit company that can't stand 1 bit of competition."
Re: RESOLVED - RE: NDR's Not being Delivered Until 5 Days have Lapsed
* wiskbr...@hotmail.com : > > Wait 5 days. Or contact the idiot sysadmin on the receiving end. Oh, > > let me guess, they don't have a postmaster account or a proper WHOIS > > entry, either. > > You know these people? LOL! It's always the same. So I was just guessing. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de If you feel you have received this message in error, please recall that exp(i*pi) + 1 = 0;
Re: Postfix Relay help
* Sriram Nyshadham : > Hi All, > > I need help with the following scenario: > > > 1. We have an application which needs a mail relay to send emails out. Yes. > 2. I am trying to install postfix which acts only as a RELAY server > (without any mailboxes on it) Very simple. > Since I also need an authentication mechanism, Why would you need one? -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de I have never seen anything fill up a vacuum so fast and still suck. -- Rob Pike, commenting on the X Window System.
Re: Another SMTP protocol breakage by ASA
* Mark Martinec : > Ralf, here is another one for your list of Cisco PIX and ASA > problems with inspection of a SMTP protocol (actually, parsing > of a mail header section): > > http://www.arschkrebs.de/postfix/postfix_cisco_pix_bugs.shtml > > > > CSCsy28792 > SMTP session disconnects due to improper parsing of a DKIM header field by ASA > > Problem description: > SMTP session is disconnected during DATA phase of a SMTP transaction > for mail messages with a DKIM signature, where the start of a string > "content-type" or "content-transfer-encoding" in a tag's value of > an "h" tag of a DKIM signature happens to fall on a packet boundary > at a start of a packet. The session is dropped with the next packet > containing a Content-Type or Content-Transfer-Encoding header field. > > Platform: > ASA5580-40 > Cisco Adaptive Security Appliance Software Version 8.1(2) Updated. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de A well managed mailserver has an empty queue. Instead of spending effort on priority queueing, make the system drain the queue faster for all mail...
Re: eMail redirection
* morphium : > So you don't have any idea how to make postfix accept the emails? > > Anyone? > > 2009/4/27 morphium : > > I did now set > > virtual_alias_maps = hash:/etc/postfix/virtual > > > > modified /etc/postfix/virtual to: > > .* t.re...@dotsource.de > > [thats me] @domain t.re...@dotsource.de -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de "Computer games don't affect kids; I mean if Pac-Man affected us as kids, we'd all be running around in darkened rooms, munching magic pills and listening to repetitive electronic music." Kristian Wilson, Nintendo Inc. 1989
Re: SNMP + MTA-MIB + Postfix
* no7find - : > Hi list ! > > I want to know if there is any implementation of MTA-MIB (defined @ RFC > 2789) for the Postfix. Sounds like something qmgr would keep track of http://www.faqs.org/rfcs/rfc2789.html -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de My office is the kind of place where a non-Microsoft solution is rarely considered. Thus, our network is fully buzzword compliant and the network infrastructure, including DNS and DHCP servers, is based on Windows Server System. -- Marc Haber
Re: SNMP + MTA-MIB + Postfix
* Emmanuel Fusté : > In corporate environment, it is now a big pain for us to provide > accurate realtime metrics, reliable weekly statistics which are > mandatory things requested by our bosses. Big piles of pearl scripts > to post process logs, or parse them as they arrive have limits. > This is a lot of additional work and would be a big piece of code not > involved in improving the capability of postfix to do his job as an SMTP > mailer, but it would greatly improve our life as sysadmins ;-) mailgraph and queuegraph do this out of the box. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de To sysadmin or not to sysadmin... that is the question, whether tis nobler in the minde to suffer the slings and arrowes of outragious fortune, or climb to the top of the building with a fucking high-power rifle and scope.
Re: your mail
* Len Conrad : > postmap -q "67.218.188" > mysql:/usr/local/etc/postfix/mysql-mta_clients_reactive_b.cf > 554 mta_client_reactive_b > > postmap -q "67.218.188.4" > mysql:/usr/local/etc/postfix/mysql-mta_clients_reactive_b.cf > ... no data > > man 5 access seems to make no distinction between .map and SQL tables: > > HOST NAME/ADDRESS PATTERNS > > With lookups from indexed files such as DB or DBM, or from networked > tables such as NIS, LDAP or SQL, the following lookup patterns are > examined in the order as listed > > Subnetworks are matched by repeatedly truncating the last > ".octet" from the remote IPv4 host address string until a match > is found in the access table, or until further truncation is not > possible. So where is the problem now? -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de "How would you rate our government's incompetence? Typical unix response: Unmatched ".
Re: your mail
* Len Conrad : > 1. my email client discarded my wonderful Subject: line Your client is Imail? Their servers are crap so why should the client be better :) > 2. The problem is that a query for 67.218.188.4 is not matched by an > entry of 67.218.188. This works in hash:.map tables, so why doesn't it > work in SQL tables? iow, how to block a Class C with SQL table? It works just the same Postfix performs the lookups: 67.218.188.4 67.218.188 67.218 67 against the map. Try query logging. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Next thing you know, someone will nail 95 patches to the door, then register postfixreformation.org. Hmmm, no, on further thought, religious zeal is better suited to other MTA's anyway. As are the 95 patches.
Re: Postfix Setup
* Jeff Bernier : > I had asked a fairly clear question... it was: Ho do I set Postfix to > accept email for, and relay email to another MTA? This is the one thing > I need to accomplish. It's not really easy to answer that question: "accept email for another MTA": why does the mail arrive on the Postfix box? What should the Postfix DO with the mail? For all recipients? Or just for existing recipients? Where do you get a list of valid recipients from? "relay email to another MTA": what email? All email? Just email TO a certain destination domain? For all recipients? Or just for existing recipients? Where do you get a list of valid recipients from? You PROBABLY need to set: relay_domains = domain.to.relay.to relay_recipient_maps = hash:/etc/postfix/relay_recipients # that makes postfix accept mail TO valid_recipi...@domain.to.relay.to transport_maps = hash:/etc/postfix/transport # containing: # domain.to.relay.to[mta.to.relay.to] -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de One Unix to rule them all, One Resolver to find them, One IP to bring them all and in the zone to bind them.
Re: Mails stuck in incoming queue
* ram : > Thanks for all the info. Well the high incoming queue is definitely is > due to syslog. Because I also notice that some of my logs are also > getting dropped. > > Sorry for being OT , but can someone help me find what is wrong with my > syslogd. Show the config. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de "General Failure's Fault. Not Yours." -Anon.
Re: Mails stuck in incoming queue
* ram : > > On Fri, 2009-05-08 at 09:10 +0200, Ralf Hildebrandt wrote: > > * ram : > > > > > Thanks for all the info. Well the high incoming queue is definitely is > > > due to syslog. Because I also notice that some of my logs are also > > > getting dropped. > > > > > > Sorry for being OT , but can someone help me find what is wrong with my > > > syslogd. > > > > Show the config. > > > > > > This is my postconf -n output below ( Note: syslog_facility = local6 ) And the syslog.conf? -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de The number of the beast - vi vi vi.
Re: Mails stuck in incoming queue
* ram : > # Log anything (except mail) of level info or higher. > # Don't log private authentication messages! > *.info;mail.none;authpriv.none;cron.none/var/log/messages *.info;mail;authpriv;cron;local7;local6.none /var/log/messages otherwise /var/log/messages will contain local7. & local6.*! > # The authpriv file has restricted access. > authpriv.* /var/log/secure > > # Log all the mail messages in one place. > mail.*-/var/log/maillog > > > # Log cron stuff > cron.* /var/log/cron > > # Everybody gets emergency messages > *.emerg * > > # Save news errors of level crit and higher in a special file. > uucp,news.crit /var/log/spooler > > # Save boot messages also to boot.log > local7.*/var/log/boot.log > local6.* -/var/log/lmaillog > > -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Redmond WA -- Microsoft announced today that the official release date for the new operating system "Windows 2000" will be delayed until the second quarter of 1901. -- seen in Brian Hatch's sig
Re: smtp_header_checks
* Alvaro Marín : > >> I'm trying to delete/discard an emai if it has a header with one value. > >> I've to do it after it is accepted (and after one content filter > >> execution) so I thought in smtp_header_checks but I see that it doesn't > >> support actions like DISCARD. > >> Any idea of how to do this? > > > > According to: > > > > http://www.postfix.org/header_checks.5.html > > > > there is definitely a DISCARD action. > > > > And, it's header_checks, not smtp_header_checks: > > > > http://www.postfix.org/postconf.5.html#header_checks > > http://www.postfix.org/postconf.5.html#smtp_header_checks Do you want to do this on INCOMING or OUTGOING mail? -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de postfix-users@postfix.org: The list that makes you think!
Re: header_checks & body_checks exemptions
* Eric Cunningham : > Is there a way to exempt postmas...@my.domain, ab...@my.domain and > u...@my.domain from header_checks and body_checks while still maintaining > the functionality of those checks? No. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de "MS-DOS isn't dead, it just smells that way." - Henry Spencer
Re: Postfix-2.6.0 RPM
* Brian Collins : > > I noticed that Postfix V#2.6.0 is now out. Does anybody know where to > > get RPM files? GOOGLE did not help. > > Simon Mudd picks up the releases and makes good source and binary RPMs from > them with lots of options. However, he's a busy man and does not always get > to them right after release. A kindly-worded email to him might yield you > an estimate of when he'll get to 2.6. He's a bit busy right now due to family issues. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de "It's always nice to see USA set the edgy standards. First for freedom, then for the police state."
Re: Need To Reject Inbound From Addresses with My Own Domain/s
* Barney Desmond : > 2009/5/15 LuKreme : > > Now, just to double check, if postfix is compiled with PCRE then it doesn't > > matter if the table is named regex or pcre, it uses and understands pcre, > > right? > > A PCRE regex in a "regexp" table would still be incorrect. Yes. But with simple stuff, it works. > I've not tested this, but I assume you'd get some failure. Or it "just don't work" :) -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de The same people that tell you that a Linux program is as good as a WinNT program would also tell you it's better to wipe your ass with a belt sander instead of toilet paper. I can hear them now -- "It may not look as good but it's faster and does a more thorough job!
Re: RFC 1918 -v- Postfix
* Steve :
> Hello 'list';
> This is my first time out in 'list' land so please don't flame me if I
> get the format wrong. Coaching and constructive criticism is fine ;-)
> {usenet group seems to be almost dead ?}
>
> I've recently noticed that my Postfix is being a naughty bunny. It is
> attempting to query my ISP nameserver to reverse resolve LAN addresses
> defined in my_networks.
Of course.
It tries to resolve the IP address of all clients connecting.
> The queries look like this;
> 19-May-2009 7:26:56.489 client #12345: query:
> 60.1.168.192.in-addr.arpa IN PTR +
Yes.
> Which in turn gives this;
> security: warning: client #12345: RFC 1918 response from
> Internet for 60.1.168.192.in-addr.arpa
The security warning is broken. Turn it off.
--
Ralf Hildebrandt
Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
http://www.computerbeschimpfung.de
Für spezielle Leute den Schwiegermutter-Modus, eine keifende
Stimme, die schreit: "Und ich habe Dir doch gesagt, Du sollst
einen Backup machen. Aber Du hörst ja nie auf mich."
Re: RFC 1918 -v- Postfix
* Steve : > I disagree. It looks like Postfix is broken. Whilst I can see the desire > to look up private IP ranges to see if they have a PTR record, it would > not be unreasonable to expect it not to do it for trusted clients - such > as those defined in 'my_networks'. Where is this behaviour documented? > As a trusted and solid MTA there must be a way to get it to stop leaking > rubbish DNS lookups from private networks ? You could set up your forwarder/local DNS properly. This doesn't happen here. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de One of my frequent mistakes is to believe users' interpretation of what is happening. -- Wietse
Re: RFC 1918 -v- Postfix
* Steve : > > Where is this behaviour documented? > Good question. If it is not surely it would make a sensible feature > request? Clearly as an expert on Postfix perhaps you can tell *ME* how > to get Postfix to stop attempting rubbish DNS lookups rather than try > and start an argument with me? I THINK it is possible, but that would disable it for all lookups, which is not wanted. > Asking the question with the BIND list (which I did before coming here) > clearly put the blame on the attempting client here - AKA 'Postfix'. > Postfix is asking stupid questions to public DNS servers. Postfix does not perform DNS queries, that is done by your local (libc) resolver. > They are nonsensical in my network context. That is, small class C with > a handful of hosts, external DNS. Not only are they nonsensical queries > to make, they are also a total waste of network resources and > bandwidth. The fix here is to stop the client making them, not to stop > the resolver from answering them. Usually, you would make BIND responsible for those local network, e.g. with dummy zones. powerdns does this automatically (which seems to be beneficial for your setup) -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Only through hard work and perseverance can one truly suffer.
Re: RFC 1918 -v- Postfix
* Steve : > Indeed, Postfix does *not* perform DNS queries. However, it asks the > question in the first instance that results in the lookup. This is just > a case of arguing semantics. It is close to buggy behaviour IMHO. If it > produces unintended results = bug. smtpd_peername_lookup = yes -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de PP: MMDF gone mad with standards fever. Think "Brazil".
Re: RFC 1918 -v- Postfix
* Ralf Hildebrandt : > > Indeed, Postfix does *not* perform DNS queries. However, it asks the > > question in the first instance that results in the lookup. This is just > > a case of arguing semantics. It is close to buggy behaviour IMHO. If it > > produces unintended results = bug. > > smtpd_peername_lookup = yes I meant: smtpd_peername_lookup = no - of course. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Postfix sucks, we all use it because we are masochists!
Re: RFC 1918 -v- Postfix
* Steve : > On Tue, 2009-05-19 at 10:49 +0200, Ralf Hildebrandt wrote: > > smtpd_peername_lookup = no > > Any idea what it defaults to Ralf? postconf -d smtpd_peername_lookup -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de A: No. Q: Should I include quotations after my reply?
Re: mails not getting delivered
* punit jain : > Hi , > > I have a setup with postfix integrated with spamassassin and amavis. I > have a configuration with all spam tagged mails redirected to a spam > id. For a user i have a problem with mails not being recieved in inbox > though postfix logs say its delivered. How do you check if the mail is in the mailbox? > May 19 14:36:16 mail postfix/local[23411]: A1A88E6063B: > to=, orig_to=, relay=local, > delay=0, status=sent (delivered to maildir) ... > home_mailbox = Maildir/ I guess the mail should be here: mutt -f ~spamadmin/Maildir/ -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de We have joy, we have fun, we have Linux on our Sun!
Re: Custom 550 5.1.1 message
* Mark Edwards : > I would like to issue a custom message for 550 5.1.1 errors, on a per- > user basis. In other words, instead of the generic > >> Recipient address rejected: User unknown in virtual mailbox table > > > that goes out now, I want the ability to override that with a message > saying something like: > >is no longer valid; please contact at address>. > > Is such a thing possible with Postfix? Thanks! man 5 relocated -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de This software comes with ABSOLUTELY NO WARRANTY. Even if it erases your hard drive, too bad. Although we did fix that bug from the last release.
Re: Connection Refused!!
* Just E. Mail : > "telnet localhost smtp" connects but when I try "telnet mail.tib.com 25", > I receive the error: > > - > [r...@rs1 ~]# telnet mail.tib.com 25 > Trying 65.103.190.107... > telnet: connect to address 65.103.190.107: Connection refused > telnet: Unable to connect to remote host: Connection refused Bind postfix to all interfaces, not just localhost > [r...@rs1 ~]# postconf -n ... > inet_interfaces = localhost Oingo Boingo -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de "...Yet terrible as UNIX addiction is, there are worse fates. If UNIX is the heroin of operating systems, then VMS is barbiturate addiction, the Mac is MDMA, and MS-DOS is sniffing glue. (Windows is filling your sinuses with lucite and letting it set.) You owe the Oracle a twelve-step program." -- The Usenet Oracle
Re: Connection Refused!!
* Just E. Mail : >> Bind postfix to all interfaces, not just localhost > Raif: It'S Ralf. Raif is an Arab name. I guess. I am called Raif in Italy, though. Dunno why. > inet_interfaces = all > (several lines further down in main.cf) > inet_interfaces = localhost Yes, that's why "postconf -n" is such a useful command -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de | <- You must be smarter than this stick to ride the Internet
Re: OT: Multiple Queues
* Steve : > This 'BSMTP' munged MTA looks to offer very little more than Postfix > save for some Rate Control/Throttling/Better logging ? From my early > explorations with Postfix, it can mostly do all of this anyway or am I > missing something? Postfix does rate control, but on a "one size fits all"-basis. > The real question I guess I am asking - is it possible to have three > instances of Postfix running on the same box, listening on different > ports, with separate queue directories? Yes. 2.6.x can do it easily with the multiple instance support. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Perl - The only language that looks the same before and after RSA encryption." -- Keith Bostic
Re: OT: Multiple Queues
* Steve : > The feature set that this 'bsmtp' proxy seems to offer are; > 1. Recipient Verification checks via one of three mechanisms in sequence > a. LDAP/AD query (able to query one or more LDAP servers) > b. SMTP Recipient Verification (sends a test message to server > from 'postmaster' > c. Flat text file of allowed recipients Postfix can do that > 2. Rate/Anti DNS control > a. If IP X is seen more than 50 times in 30 minutes block it. Postfix can do that using anvil > 3. SPF > > Mixed emotions about that one myself. SPF sucks. DKIM is better. But both are not really widespread -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de "Memory is like gasoline. You use it up when you are running. Of course you get it all back when you reboot..." -- Actual explanation obtained from the Micro$oft help desk.
Re: outbound source ip adress
* gohst...@bc.iij4u.or.jp : > Hi! > > I have '8 global IP' and '8 domains'. > I assign all domains / IP addresses to one server > (I use the IP alias/OS:CentOS5.3/Postfix:Ver2.6.1). > > Postfix refer to the e-mail address (a domain) of the origin of dispatch > and want to set up the connection of the outward arrow every 1 domain w > ith 1 global IP. > #Postfix use the first IP address assigning to the NIC as a source IP ad > #dress. > > Is not there any good idea? Setup a individual postfix instances, each one binding to exactly the desired IP -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Ich habe manchmal den Eindruck, dass ein Telefon wesentlich komplizierter zu bedienen ist als beispielsweise der ed(1). Vergleich doch einfach mal "man ed" mit der Gebrauchsanleitung fuer ein modernes Telefon.
Re: outbound source ip adress
* gohst...@bc.iij4u.or.jp : > Hi! > Thanks reply. > > After all may not you do it when you do not install postfix in every > each IP address? I beg your pardon? Either do it the way I outlined or it won't work :) -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de You are being trampled by the MSN drunken elephant in a tutu. Contact MSN to get off their blacklist.
Re: time stamp changes in the queue'
* tom lee : > my procmail setting is very simple: > > VERBOSE=yes > LOGFILE=/var/log/procmail.log > USERINBOX="$HOME/Maildir/" > :0 > $USERINBOX > > > so, if $USERINBOX is not writable, procmail delivered the mail to > /var/mail, not the postfix. > (I may change USERINBOX to the external storage eventually) . > not sure if there is a way to let procmail to stop the delivery to > /var/mail? maybe I need to check procmail mailing lis. SImply turn procmail off and all will be well -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de A printer consists of three main parts: the case, the jammed paper tray and the blinking red light
Re: How to resend a message?
* lists.postfix-us...@duinheks.nl : > Hello, > > I typed the address in a message wrong. Pine copied ot to the > sendmail folder anyway. But postfix saw the message that the > address was wrong and put it in the mailq. (Fair enough). > Question is: can I resnd the message with the correct address > and if yes, how? I fail to see how this is a postfix question! Go to the sent-folder, edit the mail, send it again. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de The Imperial Vendor or Contractor probably told them that droid armies don't need redundant command centers, nor any kind of high availability ... you're supposed to buy several, and cluster them. Redundant Array of Inexpensive Droids?
Re: Blocking external messages TO the hostname
* Oliver Kohll - Mailing Lists : > Hello, > > My postfix manages mail for a number of domains, e.g. gtwm.co.uk. The MX > records are set so that mail is filtered through a third party spam > catcher. > > However the server has one domain that is the 'main' hostname of the > server, listed in /etc/hosts: > 62.73.174.227eul0001189.eu.verio.net eul0001189 > and in 'mydestination' in /etc/postfix/main.cf > > The MX record for this just points to itself: > eul0001189.eu.verio.net. 3600 IN MX 100 eul0001189.eu.verio.net. > > Addresses are mapped to accounts in /etc/postfix/virtual, e.g. > oli...@gtwm.co.uk wmoliver > > Now the problem is that if a spammer sends email directly to > wmoli...@eul0001189.eu.verio.net it bypasses the third party spam filter > and gets delivered. This has been happening. Then don' use eul0001189.eu.verio.net as myhostname/mydestination, but: eul0001189.eu.verio.net.invalid and in virtual use: oli...@gtwm.co.uk wmoli...@eul0001189.eu.verio.net.invalid > I've tried removing eul0001189.eu.verio.net from mydestination but this > stopped any mail from being able to be delivered, probably because address > rewriting uses this as the final destination. e.g. here is some of the > header of an example mail to oli...@gtwm.co.uk Yes. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de It is better to live rich than to die rich. -- Samuel Johnson
Re: message_size_limit,
* Corey Chandler : > Wietse Venema wrote: >> >> No MTA, including Postfix, sends bounce messages for mail that it >> does not accept. >> >> Wietse >> > I'm pretty sure I've seen qmail do exactly this... :-p Some variation of > its default "accept, then bounce" methodology... In that case it accepted it, then bounced it. Wietse said "No MTA sends bounce messages for mail that it does not accept". Which is a joke. Since it's not possible.
Re: smtp_sasl_mechanism_filter doesn't wok
* Zero Zeibov : > I try to limit auth mech in postfix 2.6.1 on FreeBSD 6.4. For this > I've added to main.conf: > > smtp_sasl_mechanism_filter = plain, login smtpd_sasl_mechanism_filter = plain, login -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de "General Failure's Fault. Not Yours." -Anon.
Re: myhostname is different between postconf and main.cf
* Tim Legg : > > According to 'postconf -d', Which displays the default, not what you set... -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Wenn etwas Abstoßendes modern wird, ist es sofort anziehend.
"nobody is going to write a new MTA"
Turns out Wietse was wrong: http://lwn.net/SubscriberLink/334866/fffe7b1a0716c0e4/ -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de I have never seen anything fill up a vacuum so fast and still suck. -- Rob Pike, commenting on the X Window System.
Re: "nobody is going to write a new MTA"
> > Turns out Wietse was wrong: > > http://lwn.net/SubscriberLink/334866/fffe7b1a0716c0e4/ > > All political; no real rational reasoning for it I know, but still worth an informational message -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Standard Cyrus SASL behaviour. SASL developers don't believe in logging. Logging is for wimps, real men use their psychic abilities to find out what's going on.-- Liviu Daia
Re: Illegal address syntax
* Aravind M D : > > When we have done an smtp testing on one of our trading application > server using the frontend smtp tool, we are not able to send out mails > internally to the mailserver, as the mailserver is rejecting with the > following error message. > > warning: Illegal address syntax from unknown[ipaddress] in MAIL command: > '' > > Can anyone give me a solution for this. Show the complete, unmodified log entry. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de "Memory is like gasoline. You use it up when you are running. Of course you get it all back when you reboot..." -- Actual explanation obtained from the Micro$oft help desk.
Re: received date differs
* K bharathan : > the attached is a header of a spam mail; i found the dates are different and > delivered today; but inbox date shows 13/02/2009; > what could have gone wrong? Nothing. > Date: Fri, 13 Feb 2009 05:48:52 - (GMT) -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de All data leaves a trail. The search for data leaves a trail. The erasure of data leaves a trail.The absence of data, under the right circumstances, can leave the clearest trail of all. -- Dr. Kio Masada
Re: received date differs
* K bharathan : > i find myself dumb on this > appreciate an explanation "Date:" is just a header - meaning the user can specify it, just like "To:", "Subject:" or "Cc:". It need not be correct. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Realist: Optimist mit Erfahrung
Re: virtual.regexp not working
* Kammen van, Marco, Springer SBM NL : > Hi All, > > > > One of our users is requesting a batch of e-mail aliases ranging from: > > j10...@domain.com to j10...@domain.com > > > > I made the following regexp which kind of does the trick: > > > > /j10[0-3][0-9][0-...@domain\.com/ thisaddr...@domain.com /^j10[0-2][0-9][0...@domain\.com$/ thisaddr...@domain.com /^j10...@domain\.com$/ thisaddr...@domain.com -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de A crash reduces Your expensive computer To a simple stone.
Re: How is it: mynetworks = 127.0.0.0/8 yet local network users are able to send.
* Sthu Pous : > Interesting to note, but on > > postconf -d > > I see mynetworks = 127.0.0.0/8 v.x.y.z/25 192.168.0.0/24 > > from whence it comes? postconf -d shows the defaults -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Computer /nm./: a device designed to speed and automate errors. -- From the Jargon File.
multi instance support bug (env not found)
I built and install 2.6.x today: % make makefile % make % make install on a pristine machine and tried the multi-instance support. I did this (fresh from my shell, no edits): r...@hanni:/etc/postfix# postmulti -l -a - - y /etc/postfix r...@hanni:/etc/postfix# postmulti -I postfix-myinst -e create ### Damn, I cut&pasted it from the instructions, I wanted to name it differently. I read on, wo to delete... r...@hanni:/etc/postfix# postmulti -i postfix-myinst -p stop postfix-myinst/postfix-script: fatal: the Postfix mail system is not running r...@hanni:/etc/postfix# postmulti -i postfix-myinst -e disable r...@hanni:/etc/postfix# postmulti -i postfix-myinst -e destroy /usr/libexec/postfix/postfix-script: 346: /bin/env: not found /usr/libexec/postfix/postfix-script: 346: /bin/env: not found /usr/libexec/postfix/postfix-script: 346: /bin/env: not found /usr/libexec/postfix/postfix-script: 346: /bin/env: not found /usr/libexec/postfix/postfix-script: 346: /bin/env: not found r...@hanni:/etc/postfix# which env /usr/bin/env -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Men are from Mars. Women are from Venus. Computers are from hell.
can't get smtp_fallback_relay to work
I'm trying to run two instances, I'm injection on localhost port 10025
into postfix-ram, which has the queue in RAM:
Jun 5 15:35:17 hanni postfix-ram/cleanup[24403]: 45F4A2E369:
message-id=<20090605133514.45f4a2e...@nanni.state-of-mind.de>
Jun 5 15:35:17 hanni postfix-ram/qmgr[24345]: 45F4A2E369:
from=, size=363, nrcpt=1 (queue active)
Jun 5 15:35:18 hanni postfix-ram/smtp[24385]: 45F4A2E369: host
digital.ktu.lt[193.219.160.140] said: 452 4.4.5 Insufficient disk space; try
again later (in reply to MAIL FROM command)
Jun 5 15:35:18 hanni postfix-ram/smtp[24385]: warning: smtp_fallback_relay
configuration problem
Jun 5 15:35:18 hanni postfix-ram/smtp[24385]: 45F4A2E369:
to=, relay=none, delay=5.8, delays=5.6/0/0.21/0,
dsn=4.3.5, status=deferred (mail for 194.126.158.237 loops back to myself)
default instance:
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debug_peer_list = 127.0.0.1
html_directory = no
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
multi_instance_directories = /etc/postfix-ram
multi_instance_enable = yes
multi_instance_wrapper = ${command_directory}/postmulti -p --
mydestination = $myhostname
myhostname = hanni.state-of-mind.de
mynetworks = 127.0.0.1
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
postfix-ram instance:
alias_maps = hash:/etc/aliases
authorized_submit_users =
command_directory = /usr/sbin
config_directory = /etc/postfix-ram
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix-ram
debug_peer_level = 2
html_directory = no
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
multi_instance_enable = yes
multi_instance_name = postfix-ram
mydestination = $myhostname
myhostname = nanni.state-of-mind.de
mynetworks = 127.0.0.1
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix-ram
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_connect_timeout = 3s
smtp_data_done_timeout = 60s
smtp_data_init_timeout = 12s
smtp_data_xfer_timeout = 18s
smtp_fallback_relay = [194.126.158.237]
smtp_helo_name = ram.state-of-mind.de
smtp_helo_timeout = 30s
smtp_mail_timeout = 30s
smtp_quit_timeout = 30s
smtp_rcpt_timeout = 30s
smtp_rset_timeout = 2s
smtp_starttls_timeout = 30s
unknown_local_recipient_reject_code = 550
Why is it looping? I already tried changing the smtp_helo_name as you
can see.
--
Ralf Hildebrandt
Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
http://www.computerbeschimpfung.de
Netzwerkgrundlagen anhand Windows lernen zu wollen ist doch wie seine
ersten sexuellen Erfahrungen mit einer Prostituierten zu sammlen: Die
Leidenschaft fehlt, das wirklich Wichtige lernt man dabei nicht, und die
Chance sich einen Sch�dling einzufangen ist hoch. (Lukas Graf in d.c.s.m)
Re: can't get smtp_fallback_relay to work
* Wietse Venema : > Ralf Hildebrandt: > > Jun 5 15:35:18 hanni postfix-ram/smtp[24385]: warning: smtp_fallback_relay > > configuration problem > > smtp_fallback_relay = [194.126.158.237] > > I don't think you can set smtp_fallback_relay to the local SMTP port. Grmbl. Neither 127.0.0.1 nor 194.126.158.237 work. Does that mean I must use inet_interfaces = localhost in one instance and inet_interfaces = 194.126.158.237 on the other? -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de This is the first age that's paid much attention to the future, which is a little ironic since we may not have one. -- Arthur Clarke
Re: can't get smtp_fallback_relay to work
* Wietse Venema : > The Postfix SMTP client will never send mail to the SMTP port on > any IP address that is listed in $inet_interfaces. This is part of > the basic loop elimination algorithm that also keeps Postfix from > sending mail to equal-preference MX hosts. Yes, I initially suspected the HELO... > Either play games in main.cf:inet_interfaces or with master.cf, > or use a non-default SMTP port. Yes, that works -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de I dropped my computer on my foot! That Megahurtz!
Re: About Postfix Crash
* Sriram Nyshadham : > Hi All, > > Please help me understand why this happened. Postfix has been running > fine for the past one year + without any issues and suddenly it crashed > yesterday on one of our production servers with the following messages: I see no crash in the logs you posted. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Wenn die Leute mit dem Logfile die IT-Kompetenz von einem Kilo Torfmoos an den Tag legen, ist dem Anschein nach davon auszugehen, dass sie schlicht nicht faehig sind, die Logfiles entsprechend zu verfaelschen. Bei Microsoft Exchange Admins ist das bezueglich SMTP u.ae. leider des Oefteren der Fall. (Ja, es gibt viele Ausnahmen, aber wer Kompetenz im Bezug auf E-Mail besitzt, setzt Exchange nicht direkt am Internet ein.)
