On 12/09/2010 10:31 AM, mouss wrote:
Le 09/12/2010 14:54, Robert Moskowitz a écrit :
This is a new install on Fedora 12 using the tools from:
http://wiki.amahi.org/index.php/Amahi_Mail_System
We have patched the Postfix source to add the Quota patch. It would be
REALLY nice if this was just a part of Postfix
The VDA is patch is not supported. it doesn't look like there's
anything new that would cause change...
I assumed it was not supported, or it would not still be a patch. Why
is it likely to be supported? It seems quotas are common, is there a
bettter way?
that came disabled
it came disabled in your package. it doesn't come at all from postfix
author.
I was not clear; perhaps my dyslexia. What I mean it would be nice if
this bit of code were rolled into the postfix program with a parameter
that controlled its activity. Normally off but with one config change
it would be available to those that want it.
and
was 'easy' to enable so we could work from the standard rpms.
but then don't ask for support here. if you have a problem related to
unsupported patches, you'll have to ask the patch author...
Just would like to work from distributed rpm instead of compiling
patched source. I just kind of spoiled that way.
The system is using Postfix with a mySQL tables along with lots of
checking.
The main domain supported has multiple MX records, as over the years I
have been without power for more than 24 hours.
so? I have voluntarily stopped my MX for longer than that! if the
client doesn't follow the common 4/5 days de facto standard, then it's
a client problem.
Perhaps goes back to when I brought my domain up in '95 over a dialup
link and how mailing lists would drop me if I was not around for a few
hours. I got paranoid about it, and relays were 'common' back then in
the good old days. I have been thinking about dropping them and this
has pushed me to try it.
SO my ISP acts as a
relay service for me. I am aware that this means that I send bunches of
bounces for emails to unkown users. I have NOT figured out what I am
going to do about this.
if your ISP doesn't validate recipient addresses in your domain,
please disable this relay. otherwise, you're part of the problem and
you should be blacklisted (based on domain, sender, IP, and any
information related to you). that means black tainting: 208.83.67.155
and htt-consult.com.
I do need to talk to my ISP about this some more about ways for them to
check my valid users. See if they are interested in doing the 'extra'
work. Meanwhile, I have done what I have been thinking about doing
since I figured this out a little while back and dropped the relays as
MX records. Give it a bit of time for it to propagate around the net
and I will see what the stats are reported in Logwatch.
And oh by the way, that is the IP address of my notebook where I send
this email from. Not the IP addr of my mail server.
I can't tell if I am relaying stuff I should be killing instead. Maybe
it is the above bounces I am seeing. At the end I have included my
postconf -n output.
DCC looks like is is just not working. LOTS of failures to connect. What
port does it use? Perhaps I am blocking it.
sooorry. I don't use DCC. anyway this is off topic here.
But perhaps someone else here does use it...
Thank you for any and all help provided.
-------- Original Message --------
[snip] irrelevant and off topic logwatch removed.
###################### Logwatch End #########################
postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases, hash:/etc/mailman/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
this the default. just remove the setting from your main.cf.
I need eth0 and loopback. These are the only interfaces on the box.
What is the difference between all or eth0, lo ?
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = klovia.htt-consult.com, localhost, localhost.localdomain
myhostname = klovia.htt-consult.com
mynetworks = 127.0.0.0/8
good.
you don't have mydomain nor myorigin. the default values will apply.
if the defaults are ok, then it's ok. otherwise, specify explicitely.
My understanding is that the domain SQL table replaces this?
newaliases_path = /usr/bin/newaliases.postfix
proxy_read_maps = $local_recipient_maps $mydestination
$virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $vi
rtual_mailbox_domains $relay_recipient_maps $relay_domains
$canonical_maps $sender_canonical_maps $recipient_canonical_maps
$relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.5/README_FILES
receive_override_options = no_address_mappings
recipient_delimiter = +
you don't have relay_domains. check the default. if you don't need
relay_domain. specify
relay_domains =
explicitely.
According to: http://www.postfix.org/postconf.5.html
"allow_untrusted_routing (default: no)
Forward mail with sender-specified routing
(us...@%!]remote[@%!]site) from untrusted clients to destinations
matching $relay_domains.
By default, this feature is turned off. This closes a nasty open
relay loophole where a backup MX host can be tricked into forwarding
junk mail to a primary MX host which then spams it out to the world. "
sample_directory = /usr/share/doc/postfix-2.6.5/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination
you might need some anti-spam checks, such as
reject_rbl_client zen.spamhaus.org
I am running quite a bit of spam checking. Spamassassin along with
amavisd and clamav.
Razor, Pyzor and DCC are the spamfilters in use.
But DCC gives me all those connection errors, I need to find out what
port it is using and if I have it blocked at my firewall.
