Re: Mail forwarding loop

2012-11-08 Thread Jamie Paul Griffin
/ David Rees wrote on Thu 8.Nov'12 at 14:59:01 -0800 / > On Thu, Nov 8, 2012 at 8:25 AM, Daniele Nicolodi wrote: > > I think I have a problem with my simple mail server. I noticed several > > bounce mails in the queue, which postfix in unable to deliver. > > You're seeing the same issue as was

Re: Mail forwarding loop

2012-11-08 Thread Jeroen Geilman
On 11/08/2012 11:39 PM, Daniele Nicolodi wrote: On 08/11/2012 23:21, Jeroen Geilman wrote: Postfix cannot detect a mail loop if it has never seen the message before. You are not re-injecting the filtered message, you are (or, rather, SA is) calling sendmail(1), which in turn invokes pickup(8):

Re: Mail forwarding loop

2012-11-08 Thread David Rees
On Thu, Nov 8, 2012 at 8:25 AM, Daniele Nicolodi wrote: > I think I have a problem with my simple mail server. I noticed several > bounce mails in the queue, which postfix in unable to deliver. You're seeing the same issue as was posted the other day in the thread "Best way to handle a Delivered-

Re: Mail forwarding loop

2012-11-08 Thread Daniele Nicolodi
On 08/11/2012 23:21, Jeroen Geilman wrote: > Postfix cannot detect a mail loop if it has never seen the message before. > You are not re-injecting the filtered message, you are (or, rather, SA > is) calling sendmail(1), which in turn invokes pickup(8): > > Nov 8 12:35:47 zed postfix/pickup[

Re: Mail forwarding loop

2012-11-08 Thread Jeroen Geilman
On 11/08/2012 11:12 PM, Jeroen Geilman wrote: On 11/08/2012 05:25 PM, Daniele Nicolodi wrote: Hello, I think I have a problem with my simple mail server. I noticed several bounce mails in the queue, which postfix in unable to deliver. C0B0160EC 12730 Thu Nov 8 12:35:47 MAILER-DAEMON (los

Re: Mail forwarding loop

2012-11-08 Thread Jeroen Geilman
On 11/08/2012 05:25 PM, Daniele Nicolodi wrote: Hello, I think I have a problem with my simple mail server. I noticed several bounce mails in the queue, which postfix in unable to deliver. C0B0160EC 12730 Thu Nov 8 12:35:47 MAILER-DAEMON (lost connection with eforward5.registrar-servers.

Re: Verify cache missing?

2012-11-08 Thread Nikolaos Milas
On 8/11/2012 8:46 μμ, Wietse Venema wrote: You had tons of whitelisting rules that fire long before processing would reach reject_unverified_recipient. Yes, all messages leaving from the server do so mainly either through permit_mynetworks or permit_sasl_authenticated; So, I see, when reject

Re: Verify cache missing?

2012-11-08 Thread Wietse Venema
Nikolaos Milas: > Incidentally, as I am far from a geek, I would kindly request an > explanation why "reject_unverified_recipient" should be placed first, > since my thought that being at the end it would probably never match was > wrong. As documented in SMTPD_ACCESS_README: Each restrict

Re: Verify cache missing?

2012-11-08 Thread Nikolaos Milas
On 8/11/2012 5:44 μμ, /dev/rob0 wrote: Bad form, if that includes any permit actions (as the filename implies it might.) A "permit_auth_destination" would be safe. http://www.postfix.org/SMTPD_ACCESS_README.html#danger ... Either of these might have permitted the mail below also. ... So migh

Re: Verify cache missing?

2012-11-08 Thread Nikolaos Milas
On 8/11/2012 6:52 μμ, Nikolaos Milas wrote: And the newly created file got a non-zero length: # ls -la /var/lib/postfix/ total 28 drwx--. 2 postfix root 4096 Sep 27 18:44 . drwxr-xr-x. 28 root root 4096 Sep 26 15:40 .. -rw---. 1 postfix postfix 33 Oct 30 15:51 master.lock -rw--- 1 p

Re: Mail queue not being cleared per setting

2012-11-08 Thread Josh Berkus
Noel, > max_queue_lifetime will reduce the amount of time undeliverable mail > hangs around in the queue, regardless of the reason. > > You can set it lower, but with caution -- postfix can't tell the > difference between a domain that will never work and some legit > domain that happens to be do

Re: Sender address rejected: Domain not found

2012-11-08 Thread Noel Jones
On 11/8/2012 10:02 AM, Feel Zhou wrote: > Sorry, I change the log file, The real log is > > Nov 8 23:11:45 shcx postfix/smtp[10637]: BC051AC0064: > to=mailto:yc...@de.ferrotec.com>>, > relay=mail.de.ferrotec.com > [80.150.185.227]:25, delay=20816, > delays=20791/0.01/

Re: Verify cache missing?

2012-11-08 Thread Nikolaos Milas
On 8/11/2012 6:23 μμ, Wietse Venema wrote: Put reject_unverified_mumble FIRST not LAST. OK, I did this and I also followed Robert's advice to manually touch the cache file and now I hope things are working as expected: Nov 8 18:41:31 vmail postfix/submission/smtpd[2071]: connect from admin

Mail forwarding loop

2012-11-08 Thread Daniele Nicolodi
Hello, I think I have a problem with my simple mail server. I noticed several bounce mails in the queue, which postfix in unable to deliver. > C0B0160EC 12730 Thu Nov 8 12:35:47 MAILER-DAEMON > (lost connection with eforward5.registrar-servers.com[38.101.213.202] while > receiving the init

Re: Verify cache missing?

2012-11-08 Thread Wietse Venema
Nikolaos Milas: > > postconf -n | grep reject_unverified > smtpd_recipient_restrictions = check_recipient_access > hash:/etc/postfix/protected_destinations, permit_mynetworks, > permit_sasl_authenticated, reject_unauth_destination, > check_policy_service inet:127.0.0.1:10040, > reject_unknown_r

Re: Verify cache missing?

2012-11-08 Thread Nikolaos Milas
On 8/11/2012 5:44 μμ, /dev/rob0 wrote: Show the ENTIRE logs for this message. Was the sending client in $mynetworks? Did the client use AUTH? Was the recipient address in /etc/postfix/protected_destinations with a permit action? Here is the whole log (removed the last octet of the client publi

Re: Sender address rejected: Domain not found

2012-11-08 Thread Feel Zhou
Sorry, I change the log file, The real log is Nov 8 23:11:45 shcx postfix/smtp[10637]: BC051AC0064: to=< yc...@de.ferrotec.com>, relay=mail.de.ferrotec.com[80.150.185.227]:25, delay=20816, delays=20791/0.01/5.5/19, dsn=4.1.8, status=deferred (host mail.de.ferrotec.com[80.150.185.227] said: 450 4.

Re: Sender address rejected: Domain not found

2012-11-08 Thread /dev/rob0
On Thu, Nov 08, 2012 at 11:42:30PM +0800, Feel Zhou wrote: > My customer send mail via my mail server > And set def.cn at mynetworks "Def.cn" is a domain, not an IP address. $mynetworks should be a list of networks, that is, IP addresses, not names. http://www.postfix.org/BASIC_CONFIGURATION_REA

Re: Verify cache missing?

2012-11-08 Thread /dev/rob0
On Thu, Nov 08, 2012 at 04:47:43PM +0200, Nikolaos Milas wrote: > On 8/11/2012 3:46 μμ, Ralf Hildebrandt wrote: > >"User unknown in virtual mailbox table" > >involves no "reject_unverified_recipient", since Postfix doesn'T > >have to verify the recipient - it simply looks into the virtual > >mail

Re: Verify cache missing?

2012-11-08 Thread Robert Schetterer
Am 08.11.2012 12:09, schrieb Nikolaos Milas: > I'm on CentOS 5.8 x86_64 with > postfix-2.9.1-1.pcre.sasl2.dovecot.rhel5.x86_64.rpm (custom-built to use > LTB LDAP RPM) > > Based on infofrom the former thread above, I would expect to see a > verify_cache.db at /var/lib/postfix because: i dont know

Re: Verify cache missing?

2012-11-08 Thread Wietse Venema
Nikolaos Milas: > On 8/11/2012 4:37 ??, Wietse Venema wrote: > > > If you do not see "status=deliverable" or "status=undeliverable", > > then you haven't correctly configured reject_unverified_sender or > > reject_unverified_recipient, or you are testing with the wrong email > > address (Postfix e

Re: Verify cache missing?\

2012-11-08 Thread Wietse Venema
Nikolaos Milas: > I don't see any "postfix/verify" instances in the > logs of this server. Address verify logging ALWAYS looks like "status=deliverable" or "status=undeliverable". Address verify logging is NEVER logged by the verify daemon. Address verify logging is ALWAYS logged by the smtp/lo

Re: Verify cache missing?

2012-11-08 Thread Nikolaos Milas
On 8/11/2012 4:37 μμ, Wietse Venema wrote: If you do not see "status=deliverable" or "status=undeliverable", then you haven't correctly configured reject_unverified_sender or reject_unverified_recipient, or you are testing with the wrong email address (Postfix excludes things such as postmaster)

Re: Verify cache missing?

2012-11-08 Thread Nikolaos Milas
On 8/11/2012 3:46 μμ, Ralf Hildebrandt wrote: "User unknown in virtual mailbox table" involves no "reject_unverified_recipient", since Postfix doesn'T have to verify the recipient - it simply looks into the virtual mailbox table Thanks Ralf, Then, under which circumstances should we expect to

Re: Verify cache missing?

2012-11-08 Thread Wietse Venema
Wietse Venema: > Nikolaos Milas: > > On 8/11/2012 1:47 ??, Wietse Venema wrote: > > > > > Perhaps surprisingly, there is no addresss verification cache until > > > you invoke one of reject_unverified_sender or reject_unverified_recipient. > > > > Thanks Wietse, > > > > So, I conclude that in thi

Re: Verify cache missing?

2012-11-08 Thread Nikolaos Milas
On 8/11/2012 3:40 μμ, DTNX Postmaster wrote: In other words, does the output of 'postconf -d data_directory' yield '/var/lib/postfix' as a value? If yes, does the user the process runs as have write permissions on that directory? Yes, it's /var/lib/postfix on both. On both: # ls -la /var/li

Re: Verify cache missing?

2012-11-08 Thread Wietse Venema
Nikolaos Milas: > On 8/11/2012 1:47 ??, Wietse Venema wrote: > > > Perhaps surprisingly, there is no addresss verification cache until > > you invoke one of reject_unverified_sender or reject_unverified_recipient. > > Thanks Wietse, > > So, I conclude that in this case there is no such cache bec

Re: Verify cache missing?

2012-11-08 Thread Ralf Hildebrandt
* Nikolaos Milas : > On 8/11/2012 2:42 μμ, Nikolaos Milas wrote: > > >So, I conclude that in this case there is no such cache because > >reject_unverified_recipient is at the end of > >"smtpd_recipient_restrictions", so in essence it is never used... > > Now that I re-think it over, in fact there

Re: Verify cache missing?

2012-11-08 Thread DTNX Postmaster
On Nov 8, 2012, at 12:09, Nikolaos Milas wrote: > I thought I should start a new thread, and I will reference: > http://www.mail-archive.com/postfix-users@postfix.org/msg47599.html > http://www.mail-archive.com/postfix-users@postfix.org/msg47590.html (includes > postconf -n) > > I'm on CentOS 5.

Re: Verify cache missing?

2012-11-08 Thread Nikolaos Milas
On 8/11/2012 2:42 μμ, Nikolaos Milas wrote: So, I conclude that in this case there is no such cache because reject_unverified_recipient is at the end of "smtpd_recipient_restrictions", so in essence it is never used... Now that I re-think it over, in fact there are continuous rejections of

Re: Verify cache missing?

2012-11-08 Thread Nikolaos Milas
On 8/11/2012 1:47 μμ, Wietse Venema wrote: Perhaps surprisingly, there is no addresss verification cache until you invoke one of reject_unverified_sender or reject_unverified_recipient. Thanks Wietse, So, I conclude that in this case there is no such cache because reject_unverified_recipient

Re: Verify cache missing?

2012-11-08 Thread Wietse Venema
Nikolaos Milas: > Based on infofrom the former thread above, I would expect to see a > verify_cache.db at /var/lib/postfix because: [address_verify_mumble settings deleted] Perhaps surprisingly, there is no addresss verification cache until you invoke one of reject_unverified_sender or reject_un

Verify cache missing?

2012-11-08 Thread Nikolaos Milas
Hello, I thought I should start a new thread, and I will reference: http://www.mail-archive.com/postfix-users@postfix.org/msg47599.html http://www.mail-archive.com/postfix-users@postfix.org/msg47590.html (includes postconf -n) I'm on CentOS 5.8 x86_64 with postfix-2.9.1-1.pcre.sasl2.dovecot.r