Hi,
sorry to use the list to contact you, but I tried to send you a mail off the
list and it is not deliverable (yet):
mailq
-Queue ID- --Size-- Arrival Time -Sender/Recipient---
5191D520B4 6013 Sat Oct 9 09:54:10 c...@roessner-network-solutions.com
(host spike.porcupine.org[16
and yes, of course that is open source.
Thanks for feedback and maybe helping hands??
Best wishes
Christian
---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE225643613
http://www.roessner-network
who have proven good reputation will have a
chance of easy going mail traffic.
That is the idea behind it. Maybe I am wrong.
Christian
---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE225643613
http:/
e fun
Christian
Am 14.10.2010 um 15:49 schrieb Christian Roessner:
> Hi,
>
>> Actually using a WL to let email through does not appear to have any
>> advanatage except for the WL vendor.
>>
>>> Ah and yes, of course that is open source.
>>
>> Thanks fo
Maybe it would be able to make
that configurable?
I think, if the problem (20 user, one reject) happens, a policy server would
have to decide DUNNO in such a situation.
Or is that something that needs to be implemented in a pre-queue milter?
Any help is welcome
And many thanks in advance
Chri
/8, 10.1.0.0/16, [::1]/128,
[2a01:4f8:61:8222::]/64
These settings work for me. So maybe it gives you an idea.
Regards
Christian
---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE225643613
http://www.roessner-network-solutions.com
PGP.sig
Description: Signierter Teil der Nachricht
>
> I'm working on Spamhaus' new whitelist where our goal is to list only
> mail sources clean enough that you can skip the rest of the filtering.
> (So far so good, but it's still pretty small.)
>
> You're welcome to use it. The IP address version is at swl.spamhaus.org.
>
> For people who lik
t one
already.
Many thanks in advance
Christian
---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE225643613
http://www.roessner-network-solutions.com
PGP.sig
Description: Signierter Teil der Nachricht
deal with the DKIM verification, as of writing this, I use amavis for
signing/verifying. So one question is, if DKIM verify for VBR must be done in
the milter, too, or if we can find another mechanism.
If people are interested in such a project, I would open extra mailing lists.
Feedback is we
>> I am interested in including the DWL feature from SpamHaus into
>> postfix.
> Wietse:
>> DWL requires content external content inspection. For example, a
>> Milter, or a before-or-after-queue SMTP-based filter. Either approach
>> can be used to verify the DKIM signature and the VBR header.
>
>
Hi,
first of all, I am not an SSL expert, so I hope you could help me understanding
something. I have Postfix configured as MSA/MTA with latest postfix
experimental. On port 25 of the mx0.roessner-net, which is the main mail
exchanger for other MTAs, I do not offer AUTH, but want to offer START
>> When I use telnet to connect to mx0.roessner-net.de 25, waiting for
>> postscreen to allow me sending EHLO, I only get the following list of
>> commands:
>>
>> Trying 78.46.253.227...
>> Connected to mx0.roessner-net.de.
>> Escape character is '^]'.
>> 220-mx0.roessner-net.de ESMTP
>> 220 mx0
> Take a look at postscreen(8):
> | BUGS
> | The postscreen(8) built-in SMTP protocol engine does not announce
> | support for STARTTLS, AUTH, XCLIENT or XFORWARD
Thanks. That helps ;-)
Christian
PGP.sig
Description: Signierter Teil der Nachricht
Hi,
I am a little bit stuck with prepending one and exactly one additional header
to outgoing mails that are sent from local users. In fact I want to add a
VBR-Info:- header for outgoing mails.
Local users use a seperate MSA port (own IP-socket in master.cf). The socket is
configured with smtp
Hi again,
> # header_checks
>
> if !/^VBR-Info:.*roessner-net(work-solutions)?/
> /^From:@roessner-net\.com/ PREPEND VBR-Info:
> md=roessner-net.com; mv=dwl.spamhaus.org; mc=all
> /^From:@roessner-network-solutions\.com/ PREPEND VBR-Info:
> md=roessner-network-solution
>
> Yes, that will work fine if you put your check_sender_access rule under
> smtpd_data_restrictions.
>
I am unsure if that works. I thought that check_sender_access only uses the
envelope-from tag. So where is the difference between putting it in
smtpd_recipient_restrictions or waiting for
>> DATA
>> . <-- Testing after this point, if in smtpd_data_restrictions. But
>> does this behave differently then the above?
>
>
> Of course it works. And BTW, smtpd_data_restrictions are run after the DATA
> command, not after the dot -- that's smtpd_end_of_data_restrictions.
>
:-)
> With
>> With the default smtpd_delay_reject=yes, smtpd_{client, helo, sender,
>> recipient}_restrictions are repeated for each recipient, but
>> smtpd_data_restrictions are run only once.
>>
> That is really good to know and makes things much easier now. I give it a try.
Thanks :-) Works. It is fru
Hi all,
really thanks for all info, but the problem already is fixed. It needed help
here for the check_sender_access adding to smtpd_data_restrictions and the help
of Mark Martinec for amavisd-new, to get header_checks working in a dual setup
MSA/MTA.
Many thanks for all your help.
It works
> apparently, aol.com is currently not resolved via DNS (at least in Germany).
>
> How can I have postfix queue mails to AOL and retry delivery in that case
> instead of bouncing the mails?
Did you play with this parameter?
maximal_queue_lifetime (default: 5d)
The maximal time a message
>> How can I have postfix queue mails to AOL and retry delivery in that case
>> instead of bouncing the mails?
>
> Did you play with this parameter?
>
> maximal_queue_lifetime (default: 5d)
> The maximal time a message is queued before it is sent back as
> undeliverable.
Sorry, my fault.
xy line. I added it with a comment sign,
read from the POSTSCREEN_README. The current master.cf is missing it.
So far, hope you don't mind my little comments :-)
I wish you all a good change from old->new year.
Christian
---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahr
)
Jan 1 15:17:14 mx postfix/postscreen[13261]: close database
/var/lib/postfix/ps_cache.db: No such file or directory (possible Berkeley DB
bug)
Good new year
Christian
---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176
Hi,
>
> What's wrong with postqueue -f?
>
>
> config_directory = /usr/local/etc/postfix
>
What, if you specify
postqueue -c /usr/local/etc/postfix -f
Christian
Hi,
sorry, if this question might sound a bit stupid, but if I specify
relay_recipient_maps with all valid recipients that postfix should relay for,
why does it need relay_domains set? As an example:
I have connected relay_domains to LDAP and have an object that returns all
domains. I also hav
Hi,
I have added all dnsblog*, tlsproxy*, postscreen* and main keywords to
pfmain.vim (this file is taken from Ubuntu Lucid). If you like to have syntax
highlighting for vi, put it under .vim/syntax/
Regards
Christian
pfmain.vim.gz
Description: GNU Zip compressed data
---
Roessner-Network-S
really a cool idea *ironic*
IMO: Adding the page is really nice and should give a remote postmaster enough
information to either fix his/her setup or contact you (postmaster@).
Christian
---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49
Hi,
>>> Would it be possible to delay the arrival of some particular addresses ?
>>> ( ala greylisting but only for a list of addresses )
>> This requires a Milter or policy plugin.
you can use postgrey and a (pcre-) map, which triggers a restriction_class
Not sure, if you want it for sender or
tell auxprop ldapdb to ask for this attribute and not
userPassword?
I know this question is somewhat off topic. But which is the right
place? Guess post_masters_ for sure can help me :-)
Thanks
Christian
--
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F:
if not modifying ldapdb
code, which I am not going to do).
So dovecot seams to be really a great solution for authentication ;-)
Never mind
Christian
--
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE2
be enough.
I have no idea, what libs, etc. are also required to be copied to
chroot.
Thanks for helping me in advance
Christian
--
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE225643613
http
--> which needs to be copied from /etc/ldap/ldap.conf
Create random and urandom devices in /var/spool/postfix/dev
After that postfix/smtpd will run fine with sasl/external/ldapdb in a
chroot environment.
Christian
--
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gie
Hi,
> Do you know any reliable Debian/Ubuntu repositories for the
> newest Postfix 2.8?
http://mysourceco.de
Is my repo. Clean patches to Postfix. It is in fact cloned from the Debian
2.7.0, but with review!
It also has Dovecot 2.09+Pigeonhole in it.
Regards
Christian
---
Roessner-N
ed by signal 11
Turning the loglevel back, everything works as before.
So I thought, you might be interested in that report.
Tonight I am going to turn on GDB and try to get a backtrace. But maybe someone
else might confirm this in the meantime.
Best wishes
Christian
---
Roessner-Network-Sol
Hi,
Am 07.02.2011 um 15:39 schrieb Wietse Venema:
> Wietse Venema:
>> Christian Roessner:
>>> I double checked that cacert.org's cert is in that path as well
>>> and that the c_hash exists, too. I did not find an answer and so
>>> I only changed the log l
s TLS connection established from
mx0.roessner-net.de[78.46.253.227]: TLSv1 with cipher ADH-AES256-SHA (256/256
bits)
It is working now.
@Mark: New packages are available, including this fix.
Christian
---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 6
ore features you enable that use external libraries, or resources or
> talk to external services, the more supporting files are needed in the
> chroot jail...
But I also could say: The more features you enable, the more experienced you
probably are.
Christian
---
Roessner-Network-Solutions
Bache
uldn't
this same client come back after 300 seconds, too? And so skipping the
greylisting barrier? Or are there some bots outside that can do that? But even
then, they might be lucky at a later time, when the host, where they live on,
returns (even with dynamic IP; just a question of patie
he SQL query should not
give a result for that user. I am not a SQL expert, but I do the same
with LDAP. And if that works with saslauthd, no idea, too, because I use
sasl-auxprop (ldapdb).
Regards
Christian
--
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
Hi,
> Postfix stable release 2.8.1 is available. This release fixes one
> "signal 11" bug with SMTP server debug logging, and cleans up some
> code and documentation.
Ubuntu packages done.
https://launchpad.net/~christian-roessner-net/+archive/ppa
- I dropped HP-UX patches f
ause existing
configurations won't be touched by the distro and newly installed
instances do not have disadvantages.
I have not modified the init script, so people still can do chrooting
and the init script will work as always.
Regards
Christian
--
Roessner-Network-Solutions
Bachelor of Sc
27;t the place to discuss
> it.
> This is my last comment on this thread.
your answer overlapped my last personal answer to you. Never mind
Christian
--
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE
dependent? Maybe I think too
complicated.
I would use this only on the submission port, which is defined in
master.cf.
Thanks in advance
Christian
--
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.:
upstarts man page that they close stdin,
stdout and stderr before starting a job.
Would the upstart script lack of some functionality or do have other problems?
My systems currently run with this upstart script and yet I don't see any
differences.
Thanks
Christian
---
Roessner-Network-Solu
Hi,
> The only supported way to start Postfix is "postfix start", using
> the commands provided with /etc/postfix/postfix-script.
>
> DO NOT TINKER WITH THIS.
>
> SUSE people discovered years ago that their home-grown approach to
> stop Postfix would terminate a lot more processes than just Po
ng that breaks postfix. That is the
reason why I ask here/you to learn and to understand and in this case: to find
another solution.
Thanks
Christian
---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176 93118939
USt-I
##
This can be called with exec in upstart and doing a stop is easy, too,
because I simply call /usr/sbin/postfix stop in a post-stop script
block.
So if this is okay, I would use it. It is some kind of silly, but I
tested it here on my workstation and it does the job. B
ike me (and my idea was
based on Apple's practise, like they DO START postfix with launchctl on
Mac OS X Server edition).
Anyways. If someone likes to help me doing further coding on the python
code, he/she is welcome.
@Andreas: Du bist doch aus Deutschland? Kannst mich gerne mal
anschreiben;
this thread, as I already have shown a script
that does the job.
Thanks
Christian
--
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE225643613
http://www.roessner-network-solutions.com
y provide something? Do not get me wrong
please. I really like to learn and even when you got me totally wrong at
the beginning of this thread, I never had something bad in mind. Just
coming here and trying to find a solution. Is that ok so far?
Is there anything that I can do to help?
Best wishes
exec/postfix/master in the plist. That should not be
critics. My friend Lars runs three X-Serve servers. One Tiger, Leopard
and before posting here, I asked him to please just look into the plist
and tell me, what is called.
I do not know for Snow Leopard I must admit.
Was that said wrong
Am Samstag, den 26.02.2011, 08:51 +0100 schrieb Christian Roessner:
> Hi,
>
> > This got my attention because I run the Apple provided Postfix (2.5.5) on
> > Mac OS X client (10.6.6 specifically). What do you know - when I look at the
> > launchctl plist Apple provides t
this) and
saw the usage of getaddrinfo() and pointered lists and stuff; not sure
if I really understood, but would Postfix use a next client IP, if one
temp fails?
Has the second-MX solution any advantages? Should I stay on the current
setup?
Thanks for bringing light :)
Christian
--
Roessner
> > Has the second-MX solution any advantages? Should I stay on the current
> > setup?
>
> Your current setup looks fine.
thanks for explaining the different aspects :)
Christian
--
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F:
l.
[...]
-o smtpd_tls_cert_file=/ca/mail./newcert.pem
-o smtpd_tls_key_file=/ca/mail./newkey.pem
-o smtpd_tls_security_level=encrypt
[...]
with each having its own certificates in master.cf. Maybe I did not get
the point yet :-)
Christian
--
Roessner-Network-Solutions
Bache
${ldap}/relay_domains.cf
relay_recipient_maps =
pcre:${map}/roleaccount.pcre,
${ldap}/relay_recipient_maps.cf
virtual_alias_maps =
${ldap}/relay_recipient_maps.cf
And do not add "it" to mydestination please.
Best wishes
Christian
--
Roessner-Network-Solutions
Bachelor of
Am 21.07.2011 17:43, schrieb Robert Schetterer:
> Hi,
> is smtpd_proxy_options=speed_adjust
> known for any problems ?
Do you have any problems? What is the reason for your question?
Best wishes
Grüße
Christian
--
Roessner-Network-Solutions
Bachelor of Science Informatik
50°34.725
= j {daemon_name} v i {client_ptr}
{client_connections}
Do sure about the "i" as I stll do not understand the letters "j", "v"
and "i".
Thanks in advance
Christian
--
Roessner-Network-Solutions
Bachelor of Science Informatik
50°34.725'N, 08°40.904
Hi,
> postconf -d milter_connect_macros
> milter_connect_macros = j {daemon_name} v
okay, got it:
milter_connect_macros = j {daemon_name} {client_ptr} {client_connections} v
Not sure about the "v" at the _end_ of the line. But it works.
Thanks
Christian
--
Roessner-Network-So
, feel free to contact me. If I
get some positive feedback, I try contacting the vim team and ask them,
if they want to update their existing files with this version.
http://www.roessner-network-solutions.com/vim/syntax/
Thanks
Christian
--
Roessner-Network-Solutions
Bachelor of Science Informatik
rd Server with no postfix config modifications.
So you are using OpenDirectory for your user accounts? Maybe this
service does have some problems?
Christian
--
Roessner-Network-Solutions
Bachelor of Science Informatik
50°34.725'N, 08°40.904'O, Nahrungsberg 81, 35390 Giessen
F: +49
ile, mapfile.db mtime
stuff).
Sorry, no more ideas out of the box :-)
Christian
--
Roessner-Network-Solutions
Bachelor of Science Informatik
50°34.725'N, 08°40.904'O, Nahrungsberg 81, 35390 Giessen
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE225643613
http://www.roessner-network
Hi,
> Does a Postfix specific (Open)LDAP schema exists ?
> or a "mail server specific" ?
I have a custom LDAP schema for my whole mail system, including Postfix,
Dovecot and OpenDKIM. It is not perfect, but I can give it to you, if you want
it.
Best wishes
Christain
---
Roessner-Network-Solut
63 matches
Mail list logo