>> >> 2) it's not intuitive to me that the query I have given to
>> >> postifx
>> >> is conditionally executed.
>> >
>> > And THAT is precisely what the documentation says.
>>
>> And THAT is merely what I was asking to have confirmation of
>> (not sure why that is so difficult)...
>
>> >> Postfix expects an empty set (i.e. no rows returned) if it is to
>> >> respond
>> >> negatively that a virtual alias does not exist.
>> >> Returning NULL does not equal no rows returned.
>>
>> >Are you sure??
>>
>> 100% confirmed. To return NOTFOUND, you MUST return NO RESULT.
>
>
>> Postfix expects an empty set (i.e. no rows returned) if it is to respond
>> negatively that a virtual alias does not exist.
>> Returning NULL does not equal no rows returned.
>
> email builder:
>> Are you sure??
>
> 100% confirmed. To return NOTFOUND,
>> I don't think mine is so confusing as you suggest if you take a second
> to understand it. Maybe if you read it with some whitespace:
>>
>> select
>> if ('%d' = 'example-2.com',
>> IFNULL(
>> (select dest from aliases where addr =
> '%u...@example.com'),
>>
>> 2) it's not intuitive to me that the query I have given to postifx
>> is conditionally executed.
>
> And THAT is precisely what the documentation says.
And THAT is merely what I was asking to have confirmation of (not sure why that
is so difficult)... because it's not intuitive, and als
> I've found that in conjunction with a 2nd query (the
> original
> normal one), everything seems to work as expected (including
> aliases with only local parts like "postmaster")
>
> But I'm still unsure if this kind of query is correct, if
> I'm
> on th
>>> query = select if ('%d' = 'example-2.com',
>>> IFNULL((select dest from
>>> aliases where addr = '%u...@example.com'), (select addr from users
>>> where addr = '%u...@example.com')), NULL)
>>>
>>> I've found that in conjunction with a 2nd query (the original
>>> normal one), everythin
> This feature is not going to change. Over and out.
I merely asked (politely I think) for confirmation that I understood the
documentation correctly.
Why do you have to use such unfriendly language in your responses?
> email builder:
>> it says if you use "%d" in your query and the lookup key is not in
>> the form of "u...@domain.tld" (ie local part only), then the query
>> is "suppressed".?
>
> What is not clear about that?
1) the word "su
>> Probably the best lesson to learn from postfixadmin is: you can have
>> more than one lookup table in postfix per main.cf directive.
>> Postfixadmin uses 2 separate queries for "regular" aliases and
>> domain
>> aliases.
>>
>> from main.cf:
>> virtual_alias_maps = /etc/postfix/mysql_vir
- Original Message -
> From: Wietse Venema
> To: Postfix users
> Cc:
> Sent: Tuesday, August 7, 2012 8:26 AM
> Subject: Re: mysql query suppressed?
>
> email builder:
>> I read in http://www.postfix.org/mysql_table.5.html for the %d
>> substitut
> Am 06.08.2012 22:54, schrieb email builder:
>> I read in http://www.postfix.org/mysql_table.5.html for the %d substitution
>> in the query if the lookup is not a full email address with domain, the
>> entire
>> query is not even executed? Is this right?
>
I read in http://www.postfix.org/mysql_table.5.html for the %d substitution in
the query if the lookup is not a full email address with domain, the entire
query is not even executed? Is this right?
If that's the case, you can't do complex queries like:
select IF('%d' = 'example.com', .
Eve
>>> This causes a bounce instead of reject. Do I have to add a clause for
>>> this to my query? I start to feel like I'm doing things Postfix
> should
>>> be doing. There must be a more simple way to do this?
>>
>> postfixadmin have domain-alias support fits 100% to subject, makes sense
>>
>> So I came up with this:
>>
>> query = select if ('%d' = 'example-2.com', IFNULL((select
> dest
>> from aliases where addr = '%u...@example.com'), (select addr from
> users
>> where addr = '%u...@example.com')), (select dest from aliases where
> addr =
>> '%s'))
>>
>> This seems to
> So I came up with this:
>
> query = select if ('%d' = 'example-2.com', IFNULL((select dest
> from aliases where addr = '%u...@example.com'), (select addr from users
> where addr = '%u...@example.com')), (select dest from aliases where addr =
> '%s'))
>
> This seems to work in all cases exc
> I was trying to find a SQL example how to alias email that is addressed
> to everyone at a secondary domain to my primary domain. I mean:
>
> I have many virtual users set up for example.com, I added a new domain,
> example-2.com and I want any email going to example-2.com to be delivered t
I was trying to find a SQL example how to alias email that is addressed
to everyone at a secondary domain to my primary domain. I mean:
I have many virtual users set up for example.com, I added a new domain,
example-2.com and I want any email going to example-2.com to be delivered to
example.c
I seek clarification about reject_unlisted_recipient and
smtpd_reject_unlisted_recipient
If smtpd_reject_unlisted_recipient is enabled, WHEN does this check take place
in the scheme of smtpd_*_restrictions? I'm not sure, but it looks like it
might happen only if and after a PERMIT in the recip
Thanks for the help everyone. Does anyone have experience
or comments about this:
> The only other solution I can see is to use something
> like Nginx to just proxy the SMTP conversation through
> the relay to the internal MTA. I haven't tried this before,
> but if Nginx can perform fast enough
>> * mail for example.com arrives at the relay because
>> it is the highest priority MX record for example.com
>
> Yes, but don't use the word "relay" here, it is too easily
> confused
> with the transport name, calle it the border MTA or the SMTP gateway,
OK thanks for the language tips
>>
Ansgar, thank you for your patience:
Well, it looks like I could do
relay_domains = example.com
transport table: example.com relay:other.com
I have to use "other.com" in the transport because I need
to use
DNS-based "load balancing" of mult
>>> Specific questions I had were if I can use the standard DNS "load
>>> balancing" (multiple MX records, same priority, possibly multiple
>>> IPs
>>> resolving to one A record) setup *behind* a relay server (those MTAs
>>> behind the relay only being available via the relay and never
>>>
> Specific questions I had were if I can use the standard
> DNS "load balancing" (multiple MX records, same priority,
> possibly multiple IPs resolving to one A record) setup
> *behind* a relay server (those MTAs behind the relay
> only being available via the relay and never directly).
Well, it
Hi everyone,
I haven't played with relay servers much. I really thought
there was a "RELAY_README" but I find no README
files with "RELAY" in them at all. Hmmm. Where can
I get the basics?
Specific questions I had were if I can use the standard
DNS "load balancing" (multiple MX records, same p
>> We use a modified version as a HELO blacklist. This avoids the false
>> positives we saw while testing it as a reverse DNS restriction but,
>> because the use of the reverse hostname as the HELO string is a
>> common pattern in spam attempts from compromised hosts, it's still
>> very effec
>>> http://www.hardwarefreak.com/fqrdns.pcre <-- Stan's big list
>>
>> I've been curious about Stan's list of pcres. It looks massive,
>> and Stan
>> seems to be a regular expert contributer here. But I'm reluctant to
>> start using a text file from a web site with nothing on it and only a
>> I'm searching for a friend (who has very few money) an open source
>> antivirus scanner for email server that works with Postfix.
>>
>> Any infos/links/advices welcome
>
> One link, Google, would have easily found clamav.
>
> Info/advice: with postscreen(8), sane HELO restrictions, and
>> > I'm currently backing up my machine at home to a WD "My Passport" USB
>> > drive, doing a monthly full and nightly differential, using a script
>> > that employs rsync. Each backup set looks like a full backup. Works
>> > like a champ. I'm going to use the same script on the new mailserver
>> [snip]
>> > As know one seems to have any other ideas, looks like it has to be
>> > some rsynch variant using whatever cheap remote storage I can find.
>>
>> Seems kind of OT for this list, but since nobody else seems to
>> object...
>>
>> Two questions: Does it need to be remote, and w
>> As know one seems to have any other ideas, looks like it has to be
>> some rsynch variant using whatever cheap remote storage I can find.
>
> Seems kind of OT for this list, but since nobody else seems to
> object...
>
> Two questions: Does it need to be remote, and why just the mail
> spo
>> No other people have systems for doing this?
>
> we are using http://dbmail.org/ behind postfix and a replication-slave
> if you have only one server you can setup a slave on a different port
> as 3306 on 127.0.0.1
>
> benefit of the slave is that you can stop it at any time, make a
> copy o
Does anyone have any low-end/low-budget backup
suggestions for user mail
spools? Consider hobby type scenarios or small businesses
with a cheap single
hard drive rented (dedicated/shared) server where there may
not be budget for
another server or paid ba
>> Does anyone have any low-end/low-budget backup suggestions for user mail
>> spools? Consider hobby type scenarios or small businesses with a cheap
>> single
>> hard drive rented (dedicated/shared) server where there may not be budget
>> for
>> another server or paid backup service.
>>
>
Hello,
Does anyone have any low-end/low-budget backup suggestions for user mail
spools? Consider hobby type scenarios or small businesses with a cheap single
hard drive rented (dedicated/shared) server where there may not be budget for
another server or paid backup service.
My thought was if
> Embarrassing question time... was investigating use of port 587/submission
> in
> addition to our usual 465/smtps, but I found that our server is already
> listening on port 587. ALL of the "submission" lines in master.cf are
> commented out.
>
>
> Surely I just goofed something up, bu
Hello,
Embarrassing question time... was investigating use of port 587/submission in
addition to our usual 465/smtps, but I found that our server is already
listening on port 587. ALL of the "submission" lines in master.cf are
commented out.
Surely I just goofed something up, but I'm not
> On 4/12/2011 2:17 AM, email builder wrote:
> >>> Am I correct to infer that both smtp(d)_tls_CAfile settings only serve
> >>> a purpose when you want to verify client/server certificates?
> >>> If that's the case, why does the example at
> > I'm wondering about the usefulness of smtp(d)_tls_CAfile(path) when using
> > opportunistic encryption in both incoming and outgoing connections. The
> > TLS_README suggests that certificate and key files be left empty for
> > opportunistic smtp processes, but it doesn't talk specifical
Hello,
I'm wondering about the usefulness of smtp(d)_tls_CAfile(path) when using
opportunistic encryption in both incoming and outgoing connections. The
TLS_README suggests that certificate and key files be left empty for
opportunistic smtp processes, but it doesn't talk specifically about
smt
> > I'm thinking about trying the example suggested in the documentation for
> > "sleep":
> >
> >
> > /etc/postfix/main.cf:
> > smtpd_client_restrictions =
> > sleep 1, reject_unauth_pipelining
> > smtpd_delay_reject = no
> >
> > In general, I try to order smtpd_*_restrictions wi
- Original Message
> From: Noel Jones
> To: postfix-users@postfix.org
> Sent: Fri, April 8, 2011 9:44:12 PM
> Subject: Re: Restricting ETRN?
>
> On 4/8/2011 11:29 PM, email builder wrote:
> >
> > Or is this of no concern and/or does the junk command l
> > I'm concerned about having ETRN wide open. I am not very familiar with
> > ETRN
>and
>
> > have no use for it in our environment. It seems harmless, but if most of
>one's
>
> > recipient/sender/client/helo/etc. restrictions are in places they won't be
>seen
>
> > by someone trying
Hello,
I'm concerned about having ETRN wide open. I am not very familiar with ETRN
and
have no use for it in our environment. It seems harmless, but if most of one's
recipient/sender/client/helo/etc. restrictions are in places they won't be seen
by someone trying to fiddle maliciously with E
Hello,
I'm thinking about trying the example suggested in the documentation for
"sleep":
/etc/postfix/main.cf:
smtpd_client_restrictions =
sleep 1, reject_unauth_pipelining
smtpd_delay_reject = no
In general, I try to order smtpd_*_restrictions with the least costly first, so
this wou
Hello,
In http://www.postfix.org/postconf.5.html#smtp_sasl_auth_cache_name the fourth
sentence is:
As long as the smtp_sasl_password_maps information does no change...
That should be:
As long as the smtp_sasl_password_maps information does not change,
(s/no/not)
> > OK, thank you very much for the pointer to smtp_bind_address. That's what
> > I
>
> > need, but I'm stumbling at the transport map. I already have outgoing
> > mail
> > segregated how I want it when it exits my content filtering (ready to be
>sent
>
> > out). So ideally, the cont
- Original Message
> From: Ralf Hildebrandt
> To: postfix-users@postfix.org
> Sent: Mon, April 4, 2011 2:12:02 PM
> Subject: Re: Multiple transport maps in master.cf?
>
> * email builder :
> > Hello,
> >
> > I've found that in main.cf,
> > >>> Here is what I've done with the typo corrected. Is this a Bad
> > >>> Idea? Are there problems with naively using the domain from the
> > >>> recipient email address as the
> > >>> nexthop value?
> > >>>
> > >>> master.cf:
> > >>>
> > >>> smtp2 unix - - n
> > > The configuration makes absolutely no sense at all.
> >
> > Hmm, I'm not sure why you see *no* sense in it.
>
> If you can configure Postfix to send some email to port 10024 (which
> uses a wild-card access map rule to send out all email via transport
> "smtp2")
>
> Then you can con
> >>> Here is what I've done with the typo corrected. Is this a Bad
> >
> >>> Idea? Are there problems with naively using the domain from the
> >>> recipient email address as the
> >>> nexthop value?
> >>>
> >>> master.cf:
> >>>
> >>> smtp2 unix - - n - -
> > > > Here is what I've done with the typo corrected. Is this a Bad
> >
> > > > Idea? Are there problems with naively using the domain from the
> > > > recipient email address as the
> > > > nexthop value?
> > > >
> > > > master.cf:
> > > >
> > > > smtp2 unix - - n
> > Here is what I've done with the typo corrected. Is this a Bad
> > Idea? Are there problems with naively using the domain from the
> > recipient email address as the
> > nexthop value?
> >
> > master.cf:
> >
> > smtp2 unix - - n- - smtp
> > -
> > What I ran into while solving the add-a-header issue (see my last
> > post on this thread) was that I can use a FILTER action from a
> > smtpd_*_restriction check to select a specialized smtp process
> > that is bound to a given IP address.
> >
> >
> > I found, however, that the FILTER
> > master.cf smtpd process entry:
> > -o
> > smtpd_data_restrictions=check_sender_access,pcre:/etc/postfix/add_my_header
> >
> > /etc/postfix/add_my_header:
> > /^/ PREPEND X-My-Header: Hello_world
> >
> > Easier than I thought. Now, PLEASE don't take this the wrong way, but
> > > OK, sorry again. I had assumed because you can turn off header checking
>by
> > > using receive_override_options, you could also override (change) them.
> >
> > It is possible to override header_checks by defining a
> > different cleanup_service_name for smtpd, then defining that
> >
> On 4/4/2011 9:54 PM, email builder wrote:
> >
> > OK, sorry again. I had assumed because you can turn off header checking by
> > using receive_override_options, you could also override (change) them.
>
> It is possible to override header_che
> On Mon, Apr 04, 2011 at 06:33:20PM -0700, email builder wrote:
> > I am testing a simple header_check that uses PREPEND to add a
> > custom header to messages.
>
> Uh, no, I think it is not simple at all. Is this the same issue
> you're working on? You hav
> > I am testing a simple header_check that uses PREPEND to add a custom
> > header
>to
>
> > messages.
> >
> > 1) I *always* want to add the header, so the detected header in the rule
>doesn't
>
> > matter so much. Does anyone have advice for the best header to detect so
> > I
> >
Hello,
I am testing a simple header_check that uses PREPEND to add a custom header to
messages.
1) I *always* want to add the header, so the detected header in the rule
doesn't
matter so much. Does anyone have advice for the best header to detect so I
won't miss any messages? Is /^From:/ th
> > > > Can I override default_transport?
> > >
> > > As documented:
> > >
> > > http://www.postfix.org/postconf.5.html#default_transport
> >
> > Right, but from what I can tell (testing it), it's like transport_maps,
> > in that I can't change it willy-nilly in my smtpd process with a
>
- Original Message
> From: Wietse Venema
> To: Postfix users
> Sent: Mon, April 4, 2011 2:34:00 PM
> Subject: Re: Multiple transport maps in master.cf?
>
> email builder:
> > > > > I've found that in main.cf, this works fine:
> > >
> > OK, thank you very much for the pointer to smtp_bind_address. That's what
> > I
>
> > need, but I'm stumbling at the transport map. I already have outgoing
> > mail
> > segregated how I want it when it exits my content filtering (ready to be
>sent
>
> > out). So ideally, the cont
- Original Message
> From: email builder
> To: postfix-users@postfix.org
> Sent: Mon, April 4, 2011 2:18:01 PM
> Subject: Re: Multiple transport maps in master.cf?
>
> > > I've found that in main.cf, this works fine:
>
> > >
> > &
> > I've found that in main.cf, this works fine:
> >
> > transport_maps = hash:/etc/postfix/transport1 hash:/etc/postfix/transport2
> >
> > But not in master.cf (under a smtpd process definition):
> >
> > -o transport_maps=hash:/etc/postfix/transport1
>hash:/etc/postfix/transport2
>
>
> I've found that in main.cf, this works fine:
>
> transport_maps = hash:/etc/postfix/transport1 hash:/etc/postfix/transport2
>
> But not in master.cf (under a smtpd process definition):
>
> -o transport_maps=hash:/etc/postfix/transport1 hash:/etc/postfix/transport2
>
> Postfix complain
Hello,
I've found that in main.cf, this works fine:
transport_maps = hash:/etc/postfix/transport1 hash:/etc/postfix/transport2
But not in master.cf (under a smtpd process definition):
-o transport_maps=hash:/etc/postfix/transport1 hash:/etc/postfix/transport2
Postfix complains:
fatal: unex
> On Sun, Apr 03, 2011 at 10:39:58PM -0700, email builder wrote:
> > I'm wondering if it's possible to configure a smtpd process in
> > master.cf to send messages to the outside on a secondary network
> > interface.
>
> Of course not; smtpd(8) is the
Hello,
I'm wondering if it's possible to configure a smtpd process in master.cf to
send
messages to the outside on a secondary network interface. It seems to be
possible to make a smtpd process listen on a given interface (IP address) by
specifying the IP address on the front of the configura
> > 1) does the milter API and its placement in the server's execution provide
> > a
>
> > place where I can determine that STARTTLS has failed?
>
> No. Milter processing happens as mail enters the queue, delivery and STARTTLS
> success or failure happen when mail is leaving the queue.
>
>
Hello,
I might need to learn how to write a milter that tries to divert outgoing
messages (so a smtp/client milter) that have been sent with
smtp_tls_security_level = encrypt but failed because the destination server
doesn't support STARTTLS (I understand that this is something of a false flag,
> * Ralf Hildebrandt :
> > * email builder :
> > > Hi,
> > >
> > > I am wondering if anyone has advice on where there are any email
> > > health checks online. I used to use dnsstuff.com but they have since
> > > gone commerc
> > I am wondering if anyone has advice on where there are any email health
> checks online. I used to use dnsstuff.com but they have since gone
> commercial.
>
> You have been given links and other suggestions for this that are sound, I
> would
> follow those suggestions.
>
> > It's fru
Hi,
I am wondering if anyone has advice on where there are any email health
checks online. I used to use dnsstuff.com but they have since gone commercial.
It's frustrating to have your users' emails land in Yahoo or Gmail spam
folders, but not be able to understand why. DNS checks out fin
> > However, I just realized that I actually might not need to change
> > the domain. The -o overrides I need may only be the smtpd_tls_*
> > settings. I was just concerned about name mismatches with the
> > certificate, but whatever postfix thinks is the domain shouldn't
> > affect the client
Wietse:
> I do not support configurations with multiple myhostname/mydomain
> settings (or multiple settings for any domain-like parameter that
> determines how Postfix handles email).
email builder:
> That's certainly fair. I can accept that I am stepping outside
> the
> > I do not support configurations with multiple myhostname/mydomain
> > settings (or multiple settings for any domain-like parameter that
> > determines how Postfix handles email).
>
> email builder:
> > That's certainly fair. I can accept that I am step
> email builder a écrit :
> >[snip]
> >> I do not support configurations with multiple myhostname/mydomain
> >> settings (or multiple settings for any domain-like parameter that
> >> determines how Postfix handles email).
> >
> > That's cer
> > > > I have two IP addresses on my server and would like to serve a
> > > > different
> SSL
> > > (TLS) certificate for each one. I think all the other configuration will
> not
> > > need to differ between the two, so I think running multiple instances of
> postfix
> > > would be over
> > I have two IP addresses on my server and would like to serve a different
> > SSL
> (TLS) certificate for each one. I think all the other configuration will not
> need to differ between the two, so I think running multiple instances of
> postfix
> would be overkill (?).
> >
> > I want
Hello,
I have two IP addresses on my server and would like to serve a different SSL
(TLS) certificate for each one. I think all the other configuration will not
need to differ between the two, so I think running multiple instances of
postfix would be overkill (?).
I want to confirm that it w
Brian Evans - Postfix List scent-team.com> writes:
> > alternatives --set mta /usr/sbin/sendmail.postfix
>
> A much easier way to solve this and prevent errors in the future is 'rpm
> -e sendmail'.
>
> The sendmail package will *not* remove Postfix's sendmail client.
I suppose removing sendma
Hi,
Been a while since I had to look at our mail system (a tribute to
postfix/courier/spamassassin/sasl/related software), but when upgrading all our
software recently, I ran into a couple issues, the 2nd one being particularly
confounding (and not much turns up via a Google search, thus I thou
83 matches
Mail list logo
