n Dec 9, 2010, at 1:59 PM, Victor Duchovni wrote:
On Thu, Dec 09, 2010 at 01:45:37PM -0800, cmallon wrote:
Can I safely remove this parameter from the master.cf file?
(smtpd_recipient_restrictions); would that solve my problem and simplify
my configuration? Or do I need this parameter in this location because
of the way mail is passed through the domain keys?
That depends on what restrictions you want/need to apply to port 587
vs. port 25. In
All mail on this server must pass through domain keys which is through port
587. I've successfully run this server for this client for the last 3 years. We
recently upgraded the OS and the client started sending a lot more mail (30,000
pieces at a time)- That's when we started to run into some problems. I might
add that I'm not the only admin on site.
http://www.postfix.org/master.5.html
under the description of "-o" arguments, you'll find how to correctly
specify complex parameter overrides in the master.cf file.
-o name=value
Override the named main.cf configuration
parameter. The parameter value can refer to
other parameters as $name etc., just like in
main.cf. See postconf(5) for syntax.
NOTE 1: do not specify whitespace around the
"=". In parameter values, either avoid
whitespace altogether, use commas instead of
spaces, or consider overrides like "-o
name=$override_parameter" with $over-
ride_parameter set in main.cf.
I did remove the whitespaces around the "=" and even simplified the
smtpd_recipient_restrictions value in the master.cf but blacklisted mail still
gets through.
NOTE 2: Over-zealous use of parameter over-
rides makes the Postfix configuration hard
to understand and maintain. At a certain
point, it might be easier to configure mul-
tiple instances of Postfix, instead of con-
figuring multiple personalities via mas-
ter.cf.
I will go over this document and see if configuring main.cf to handle
smtpd_recipient_restrictions is appropriate.
I'm reluctant to be this blunt, but you need to learn more about running
a Postfix (or some other) MTA before you take on customer traffic. There
are multiple serious issues with your MTA and you're in over your head.
Thank you for your bluntness Viktor. You are right, I don't play around with
the mail service once it's running but I will endeavor to "learn more about
running a Postfix MTA" however, the situation is here and I need to address it.
Personally I think it's the domain keys..I don't think they can keep up with
the volume. I do thank you for your time and assistance though, you've been
very generous and I do appreciate it.
--
Viktor.
