Feedback List Question

[Christian Arkadius Keil]

Hi there,

I am currently working out an Email System for outbound Emailing, the client I 
work wants to send out large Mailings to his customers, and past customers. I 
expect alot of Bounces and have found that AOL for example uses Feedback Loops 
( http://postmaster.aol.com/fbl/ ) to inform the sender about Mail Recpients 
that do not wish to be Emailed from the Mailing List. This would benefit us 
since we can remove the user from the Database and not harass that email Server 
again.

Does anyone know other ISP'S that are using FBL ? So far I could only find AOL 
and USA.net

Thanks in Advance

Kind Regards
Christian Keil

Re: Feedback List Question

[Devdas Bhagat]

On Mon, Oct 20, 2008 at 10:29:20AM +0200, Christian Arkadius Keil wrote:
> Hi there,
> 
> I am currently working out an Email System for outbound Emailing, the
> client I work wants to send out large Mailings to his customers, and
> past customers. I expect alot of Bounces and have found that AOL for

(a) I would recommend talking to an ESP about this. They will have better
resources to deal with problems.

> example uses Feedback Loops ( http://postmaster.aol.com/fbl/ ) to inform
> the sender about Mail Recpients that do not wish to be Emailed from the
> Mailing List. This would benefit us since we can remove the user from
> the Database and not harass that email Server again.

A lot of ISPs provide Feeback loop services (or FBLs). You may find better
information on this via the spam-l mailing list.

> 
> Does anyone know other ISP'S that are using FBL ? So far I could only
> find AOL and USA.net
> 
Off the top of my head, Yahoo!, Outblaze, Comcast, Earthlink.

Devdas Bhagat

Re: Feedback List Question

[Erbil KARAMAN]

http://www.reputationwiki.org/~reputati/index.php?title=Feedback_Loops

Yahoo is not processing new applications
(http://help.yahoo.com/l/us/yahoo/mail/postmaster/postmaster-30.html)

best,
erbiL..


On Mon, Oct 20, 2008 at 11:29 AM, Christian Arkadius Keil
<[EMAIL PROTECTED]> wrote:
> Hi there,
>
> I am currently working out an Email System for outbound Emailing, the client
> I work wants to send out large Mailings to his customers, and past
> customers. I expect alot of Bounces and have found that AOL for example uses
> Feedback Loops ( http://postmaster.aol.com/fbl/ ) to inform the sender about
> Mail Recpients that do not wish to be Emailed from the Mailing List. This
> would benefit us since we can remove the user from the Database and not
> harass that email Server again.
>
> Does anyone know other ISP'S that are using FBL ? So far I could only find
> AOL and USA.net
>
> Thanks in Advance
>
> Kind Regards
> Christian Keil

Re: Finally blocking some spam

[Charles Marcus]

On 10/20/2008, Joey ([EMAIL PROTECTED]) wrote:
> Running spamassasin on every domain we support will kill the server
> CPU wise and again as in my messages before it's about reducing
> overhead.  I am abusing some RBL's in some cases so I need to reduce
> connections.

I highly recommend checking out ASSP...

http://assp.sourceforge.net/

The current published 'stable' version is behind the times though. If
you decide to try it out, I highly recommend joining the 'test' list and
using one of the dev versions (1.4.x - and the new 2.0.x is
multi-threaded)...

http://sourceforge.net/mail/?group_id=69172

-- 

Best regards,

Charles

Re: multiple IP addresses/hosts to send/receive email + signed with DKIM+DomainKeys

[Barney Desmond]

mouss wrote:
> use multiple instances: run postfix 8 times, each with its own config
> dir, queue dir, data dir, ... etc, and configure each for its own
> domain(s).


This is something we've run into at work. One customer already uses
PowerMTA, and there's another we'd like to discourage. We figured this
is probably the way to do it, but I'd like to be sure: Would you leave
the "main" instance mostly as-is, and use
sender_dependent_relayhost_maps to pass mail through to the additional
instances? If you have naive/simplistic mailing software, chances are
it's easiest to just pass everything to localhost:25 and let the MTA
figure out how to get it to the internet.



signature.asc
Description: OpenPGP digital signature

Re: multiple IP addresses/hosts to send/receive email + signed with DKIM+DomainKeys

[Erbil KARAMAN]

actually 'letting MTA figure out how to get it to the internet' is not
a great approach for high volume senders. there are lots of parameters
you want to control 'logically' that no MTA out there supports. If you
compare the config options of powerMTA and postfix you will see how
they differ as a delivery agent. i wish i had time to implement all
those features and more on postfix, but after investigating a little
bit seemed like a lot of work to me... because of that i usually use a
software 'email sending engine' as an independent middleware to those
MTAs..

anyways, thanks for the advice..

best,
erbiL..

On Mon, Oct 20, 2008 at 3:13 PM, Barney Desmond <[EMAIL PROTECTED]> wrote:
> mouss wrote:
>> use multiple instances: run postfix 8 times, each with its own config
>> dir, queue dir, data dir, ... etc, and configure each for its own
>> domain(s).
>
>
> This is something we've run into at work. One customer already uses
> PowerMTA, and there's another we'd like to discourage. We figured this
> is probably the way to do it, but I'd like to be sure: Would you leave
> the "main" instance mostly as-is, and use
> sender_dependent_relayhost_maps to pass mail through to the additional
> instances? If you have naive/simplistic mailing software, chances are
> it's easiest to just pass everything to localhost:25 and let the MTA
> figure out how to get it to the internet.
>
>

Re: multiple IP addresses/hosts to send/receive email + signed with DKIM+DomainKeys

[Wietse Venema]

Erbil KARAMAN:
> actually 'letting MTA figure out how to get it to the internet' is not
> a great approach for high volume senders. there are lots of parameters
> you want to control 'logically' that no MTA out there supports. If you
> compare the config options of powerMTA and postfix you will see how
> they differ as a delivery agent. i wish i had time to implement all
> those features and more on postfix, but after investigating a little
> bit seemed like a lot of work to me... because of that i usually use a
> software 'email sending engine' as an independent middleware to those
> MTAs..

Can you be give examples of such features?

Wietse

Re: multiple outgoing interfaces?

[Wietse Venema]

Rainer Frey (Inxmail GmbH):
[ Charset ISO-8859-1 unsupported, converting... ]
> On Friday 10 October 2008 15:46:46 Wietse Venema wrote:
> > Rainer Frey (Inxmail GmbH):
> > > On Wednesday 08 October 2008 00:52:10 Noel Jones wrote:
> > > > Will the FILTER action accept an empty nexthop?
> > >
> > > It seems it does not (at least not correctly).  If the nexthop is empty,
> > > it seems to assume the local host (which of course leads to "mail loops
> > > to myself" if the recipient domain is not handled by postfix).
> >
> > This is incorrect.
> >
> > Postfix will complain about a mail loop REGARDLESS of the nexthop
> > information unless you "filter" the mail to a non-SMTP TCP port,
> > or unless you change the smtp_helo_name on the smtp delivery agent.

Oops, that should be myhostname.

> So will the FILTER action accept an empty nexthop (and determine the nexthop 
> from the recipient address domain) IF I change the smtp_helo_name? We tested 
> this and came to the conclusion that it doesn't work, but I don't have the 
> logs anymore, and I couldn't swear we didn't make a mistake and didn't have 
> the smtp_helo_name changed at that moment.

There are two loop detection mechanisms. You override one with []
around the next-hop domain. This mechanism is based on MX lookups.
You override the second one with myhostname, or a non-standard TCP
server port.  This mechanism is based on comparing the server's
EHLO/HELO reply with the client's myhostname.

Wietse

Indirect relay on direct error

[Michele]

Hi list,
I have a system that receive mails from internal network and deliver them
directly on Internet. Sometimes mx server for some domains, refuse mails for
users. It's there the possibility, by postfix, to relay that mails to a safe
server that, I'm sure, will accept that mails and will know what do with them?

Thanks, Michele

Re: Indirect relay on direct error

[Wietse Venema]

Michele:
> Hi list,
> I have a system that receive mails from internal network and deliver them
> directly on Internet. Sometimes mx server for some domains, refuse mails for
> users. It's there the possibility, by postfix, to relay that mails to a safe
> server that, I'm sure, will accept that mails and will know what do with them?

If the remote SMTP server rejects with a permanent error code (5XX),
Postfix will send a bounce message to the envelope sender address.
You should not override this with "softbounce=yes" because Postfix
will hammer multiple MX servers with the same undeliverable
recipients.

Otherwise, Postfix can send to the server(s) specified with
smtp_fallback_relay.

http://www.postfix.org/postconf.5.html#smtp_fallback_relay

Wietse

Re: multiple outgoing interfaces?

[Wietse Venema]

Wietse Venema:
> Rainer Frey (Inxmail GmbH):
> > On Friday 10 October 2008 15:46:46 Wietse Venema wrote:
> > > Rainer Frey (Inxmail GmbH):
> > > > On Wednesday 08 October 2008 00:52:10 Noel Jones wrote:
> > > > > Will the FILTER action accept an empty nexthop?
> > > >
> > > > It seems it does not (at least not correctly).  If the nexthop is empty,
> > > > it seems to assume the local host (which of course leads to "mail loops
> > > > to myself" if the recipient domain is not handled by postfix).
> > >
> > > This is incorrect.
> > >
> > > Postfix will complain about a mail loop REGARDLESS of the nexthop
> > > information unless you "filter" the mail to a non-SMTP TCP port,
> > > or unless you change the smtp_helo_name on the smtp delivery agent.
> 
> Oops, that should be myhostname.
> 
> > So will the FILTER action accept an empty nexthop (and determine the 
> > nexthop 
> > from the recipient address domain) IF I change the smtp_helo_name? We 
> > tested 
> > this and came to the conclusion that it doesn't work, but I don't have the 
> > logs anymore, and I couldn't swear we didn't make a mistake and didn't have 
> > the smtp_helo_name changed at that moment.
> 
> There are two loop detection mechanisms. You override one with []
> around the next-hop domain. This mechanism is based on MX lookups.
> You override the second one with myhostname, or a non-standard TCP
> server port.  This mechanism is based on comparing the server's
> EHLO/HELO reply with the client's myhostname.

I was a little too quick with responding.

Loop detection is turned off when sending to a non-SMTP TCP port;
that's both loop detection by comparing the destination's IP
address(es) against the MTA's own IP address(es), and loop detection
by comparing the SMTP server's EHLO/HELO response against the SMTP
client's myhostname.

Wietse

Books on Postfix

[Guy]

Hi guys,

I'm running a few postfix servers at the moment, but I don't really
understand postfix very well so I'm looking for some good books on it.
Preferably one that includes the basics to start with.
Can anyone recommend one or two good books for me to start with? The Book of
Postfix has good recommendations after a quick bit of googling, but I
figured it wouldn't hurt to ask about any others.

Thanks
Guy

-- 
Don't just do something...sit there!

header ?

[Joey]

Can someone tell me why headers shows received from 127.0.0.1 in the middle?
Is this a filter thing, or is it someone connecting to that server making it
look like that IP?

 

Thanks!

 

Microsoft Mail Internet Headers Version 2.0

Received: from mail.myserver4mail.net ([205.205.205.205]) by
myserver4mail.com with Microsoft SMTPSVC(6.0.3790.3959);

 Sat, 18 Oct 2008 18:27:14 -0400

Received: by mail.myserver4mail.net (Postfix, from userid 10816)

id C7FAF264013; Sat, 18 Oct 2008 18:23:58 -0400 (EDT)

X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on

pluto.myserver4mail.net

X-Spam-Level: 

X-Spam-Status: No, score=0.6 required=4.0 tests=AWL,BAYES_05,

DATE_IN_PAST_03_06,HTML_MESSAGE,MIME_HTML_ONLY,SARE_UNI
autolearn=no

version=3.2.4

Received: from dellconsumer.outbound.ed10.com
(dellconsumer.outbound.ed10.com [209.202.164.173])

by mail.myserver4mail.net (Postfix) with ESMTP id
E0D9A26400A

for <[EMAIL PROTECTED]>; Sat, 18 Oct 2008 18:23:40
-0400 (EDT)

DomainKey-Signature: q=dns; a=rsa-sha1; c=nofws;

s=ED2007-07; d=dellhome.usa.dell.com;

 
h=Received:Date:Content-Type:Content-Transfer-Encoding:MIME-Version:From:Rep
ly-To:To:Subject:Message-Id:X-Mail-From:X-RCPT-To:X-Mailer;

 
b=eAOmL9C1Tece+TgjQsAZ+j6Dq673ohpyt2v/Xv7usOKDk5Qwc5w1+mOwwU5lUs+w

 
gFMacqRI/YHmA66s2ZMNJ1C0koVQB4qXMXKAU9j9KgM42BeJh/eBJLPF+hM6NPkw

Received: from [127.0.0.1] ([127.0.0.1:49705])

by bm1-25.bo3.e-dialog.com (envelope-from
<[EMAIL PROTECTED]
mer.bounce.ed10.net>)

(ecelerity 2.2.2.30 r(24133/24168)) with ECSTREAM

id 2D/39-25970-3663AF84; Sat, 18 Oct 2008 15:17:55 -0400

Date: Sat, 18 Oct 2008 15:17:55 -0400

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 7bit

MIME-Version: 1.0

From: "Dell Direct" <[EMAIL PROTECTED]>

Reply-To: "Dell Direct" <[EMAIL PROTECTED]>

To: [EMAIL PROTECTED]

Subject: You're Invited...

Message-Id:
<31086-246457-O76PJH-VGJOM-40NUI-8A4L7K1-5JUD6-H-M2-20081018-e927499f14ccda0
[EMAIL PROTECTED]>

X-Mail-From:
[EMAIL PROTECTED]
er.bounce.ed10.net

X-RCPT-To: [EMAIL PROTECTED]

X-Mailer: EDMAIL R6.00.02

Return-Path:
[EMAIL PROTECTED]
er.bounce.ed10.net

X-OriginalArrivalTime: 18 Oct 2008 22:27:14.0375 (UTC)
FILETIME=[ABB6C570:01C93170]

 

Re: Feedback List Question

[Gerald Livingston]

Christian Arkadius Keil wrote:

Hi there,
 
I am currently working out an Email System for outbound Emailing, the 
client I work wants to send out large Mailings to his customers, and 
past customers. I expect alot of Bounces and have found that AOL for 
example uses Feedback Loops ( http://postmaster.aol.com/fbl/ ) to inform 
the sender about Mail Recpients that do not wish to be Emailed from the 
Mailing List. This would benefit us since we can remove the user from 
the Database and not harass that email Server again.
 
Does anyone know other ISP'S that are using FBL ? So far I could only 
find AOL and USA.net
 
Thanks in Advance
 
Kind Regards

Christian Keil


RoadRunner

And, you are sadly mistaken about AOL informing you of "recipients who 
don't want your email".


What they do is send you a notice every time one of their users clicks 
the "spam" button on an email from your servers. But, they strip out all 
information that may identify *WHICH* user caused the bounce.


You'll have to make sure you're using some good VERP to actually have 
the bounces be useful.


Gerald

multiple mx and timeout question

[Joey]

Hello All,

 

I just wanted to confirm something.

We are defining 3 servers for MX and the first one is basically nolisting.

Should any server trying to deliver to the first mx IMMEDIATELY try to
connect to the second, or should we see a delay like with greylisting?

 

My understanding is there should be no delay, but we are seeing some
messages coming in 30 minutes later delivery wise versus when it was sent
from the client.

 

Thanks!

 

 

Re: header ?

[mouss]

Joey a écrit :
> Can someone tell me why headers shows received from 127.0.0.1 in the
> middle? 

Do you mean the middle of the beginning? :-) when you read Received
headers, stop at the first server that is not under your control. All
other headers have been added by remote servers (whether legitimately or
not).

> Is this a filter thing, or is it someone connecting to that
> server making it look like that IP?
> 
>  
> 
> Thanks!
> 
>  
> 
> Microsoft Mail Internet Headers Version 2.0
> 
> Received: from mail.myserver4mail.net ([205.205.205.205]) by
> myserver4mail.com with Microsoft SMTPSVC(6.0.3790.3959);
> 
>  Sat, 18 Oct 2008 18:27:14 -0400
> 

your MS server (myserver4mail.com) got the mail from [your] postfix
running on 205.205.205.205. This postfix helo-ed as mail.myserver4mail.net.

> Received: by mail.myserver4mail.net (Postfix, from userid 10816)
> 
> id C7FAF264013; Sat, 18 Oct 2008 18:23:58 -0400 (EDT)

your filter submitted mail to your postfix using the sendmail command,
executed as uid 10816.


> 
> Received: from dellconsumer.outbound.ed10.com
> (dellconsumer.outbound.ed10.com [209.202.164.173])
> 
> by mail.myserver4mail.net (Postfix) with ESMTP id
> E0D9A26400A
> 
> for <[EMAIL PROTECTED]>; Sat, 18 Oct 2008 18:23:40
> -0400 (EDT)
> 

[your] postfix received the message from E-dialog server (ed10.com), on
behalf of Dell, as can be coonfirmed by:

$ host dellhome.usa.dell.com
dellhome.usa.dell.com mail is handled by 10 mail-router.e-dialog.com.
$ host -t txt dellhome.usa.dell.com
dellhome.usa.dell.com descriptive text "spf2.0/pra
a:dellconsumer.outbound.ed10.com -all"


> DomainKey-Signature: q=dns; a=rsa-sha1; c=nofws;
> 
> s=ED2007-07; d=dellhome.usa.dell.com;
> 
>
> h=Received:Date:Content-Type:Content-Transfer-Encoding:MIME-Version:From:Reply-To:To:Subject:Message-Id:X-Mail-From:X-RCPT-To:X-Mailer;
> 
>
> b=eAOmL9C1Tece+TgjQsAZ+j6Dq673ohpyt2v/Xv7usOKDk5Qwc5w1+mOwwU5lUs+w
> 
>
> gFMacqRI/YHmA66s2ZMNJ1C0koVQB4qXMXKAU9j9KgM42BeJh/eBJLPF+hM6NPkw
> 

At a first glance, E-dialog server signs (DK) on behalf of Dell.

If you enable the DKIM plugin in SA, you will have DKIM related infos in
the X-Spam-Status header.

> Received: from [127.0.0.1] ([127.0.0.1:49705])
> 
> by bm1-25.bo3.e-dialog.com (envelope-from
> <[EMAIL PROTECTED]>)
> 
> (ecelerity 2.2.2.30 r(24133/24168)) with ECSTREAM
> 
> id 2D/39-25970-3663AF84; Sat, 18 Oct 2008 15:17:55 -0400
>


E-dialog server received the message from a mailing application running
on the same host.


> [snip] 

Command died with status 9: "perl"

[Vadtec]

Hi,

I'm trying to setup a perl script to parse incoming e-mails to a given 
e-mail address that is aliased. Postfix 2.5.5 is running on Debian 
Linux. (Path names and file names changed where necessary.)


In /etc/aliases I have (for example): parse: |perl 
/path/to/my/perl/script/parse.pl


Its receiving the e-mail just fine, but I'm getting the following in a 
bounced reply:


<[EMAIL PROTECTED]>: Command died with status 9: "perl". Command output:
   Number found where operator expected at - line 1, near "Oct 20"  (Do you
   need to predeclare Oct?) Number found where operator expected at - line 1,
   near "20 15"  (Missing operator before  15?) Number found where operator
   expected at - line 1, near "03 2008"  (Missing operator before  2008?)
   Semicolon seems to be missing at - line 1. 



[snipped to save space]

<[EMAIL PROTECTED]>: cannot append message to file
   /path/to/my/perl/script/parse.pl: cannot open file:
   Permission denied


However, I know the perms for the file are proper:

-rwxr-xr-x 1 mail mail 1223 Oct 20 12:27 parse.pl


I've run postalias /etc/aliases, so I know that much is working. I just 
can't for the life of me figure out why it's bailing. And for some 
reason, I can't find sysexits.h to see if I can glean more info from 
there. Can anyone shed some light on why its bailing when the script is 
getting its input?


Vadtec
[EMAIL PROTECTED]

Re: Feedback List Question

[mouss]

Gerald Livingston a écrit :
> Christian Arkadius Keil wrote:
>> Hi there,
>>  
>> I am currently working out an Email System for outbound Emailing, the
>> client I work wants to send out large Mailings to his customers, and
>> past customers. I expect alot of Bounces and have found that AOL for
>> example uses Feedback Loops ( http://postmaster.aol.com/fbl/ ) to
>> inform the sender about Mail Recpients that do not wish to be Emailed
>> from the Mailing List. This would benefit us since we can remove the
>> user from the Database and not harass that email Server again.
>>  
>> Does anyone know other ISP'S that are using FBL ? So far I could only
>> find AOL and USA.net
>>  
>> Thanks in Advance
>>  
>> Kind Regards
>> Christian Keil
> 
> RoadRunner
> 
> And, you are sadly mistaken about AOL informing you of "recipients who
> don't want your email".
> 
> What they do is send you a notice every time one of their users clicks
> the "spam" button on an email from your servers. But, they strip out all
> information that may identify *WHICH* user caused the bounce.
> 

Indeed, the goal is to raise alarms, not to wash lists. so if you get
few AOL reports, it's ok. but if you get a lot, it means your list is
dirty and you should nuke it.

And AFAIK, AOL FBL requires that the IPs are registered in your name
(whois).

> You'll have to make sure you're using some good VERP to actually have
> the bounces be useful.
> 

note however that VERP is expensive, not only for the sender but also
for the recipient domain (I prefer if you send a single mail to all my
users...). so use it when appropriate:

- use it in an initial mailing (or when addresses are added to the list)

Then
- use it periodically ("reminder" style mailings)
- use it if you get a bounce ("problem detected, need more infos")

It is recommended to send a confirmation request (COI) before actually
adding an address (so that default is "don't add") and keep evidence
(save the confirmations. so that if a user declares that you spam him,
you can show the confirmations. not a proof, but it helps).

Unfortunately, this is not without problems ("They know I want it, so
why ask again and again?", or "I have no idea what this mail is trying
to tell me. must be a new internet attack. let's delete it now", or "too
busy now. I'll confirm later"...).

so you need to take a decision based on how you acquired the list (in
any case, make it extremely easy to unsubscribe. I personally consider a
web error (sql error blah blah) as a trick to prevent opt-out and
consider the list as having a "fake opt-out process" (well, except if I
can easily find infos about the company showing they are clean...).

Re: multiple mx and timeout question

[Victor Duchovni]

On Mon, Oct 20, 2008 at 12:42:05PM -0400, Joey wrote:

> Hello All,
> 
>  
> 
> I just wanted to confirm something.
> 
> We are defining 3 servers for MX and the first one is basically nolisting.
> 
> Should any server trying to deliver to the first mx IMMEDIATELY try to
> connect to the second, or should we see a delay like with greylisting?

Well designed MTAs immediately try additional MX hosts.

> My understanding is there should be no delay, but we are seeing some
> messages coming in 30 minutes later delivery wise versus when it was sent
> from the client.

You need the sending hosts logs.

-- 
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:


If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

Re: confirm log entry

[mouss]

Joey a écrit :
> Hello everyone,,
> 
>  
> 
> This is a warning message I see in my logs a lot getting hostname
> vertification failed.
> 
> Will this continue to process since this is only a warning, or will it
> not accept the message from this source?
> 
>  
> 
> Oct  1 05:40:14 pluto postfix/smtpd[2965]: warning: 194.186.244.218:
> hostname Inveko-gw.Tula.gldn.net verification failed: Name or service
> not known
> 
> Oct  1 05:41:08 pluto postfix/smtpd[2928]: warning: 194.186.244.218:
> hostname Inveko-gw.Tula.gldn.net verification failed: Name or service
> not known
> 
> Oct  1 05:42:02 pluto postfix/smtpd[2928]: warning: 194.186.244.218:
> hostname Inveko-gw.Tula.gldn.net verification failed: Name or service
> not known
> 
>  

it's only a warning.

It is useful when parsing logs to get the PTR of the host even if rDNS
isn't "confirmed". When parsing logs, I use "?Inveko-gw.Tula.gldn.net"
as the hostname in such cases.

Re: Command died with status 9: "perl"

[mouss]

Vadtec a écrit :
> Hi,
> 
> I'm trying to setup a perl script to parse incoming e-mails to a given
> e-mail address that is aliased. Postfix 2.5.5 is running on Debian
> Linux. (Path names and file names changed where necessary.)
> 
> In /etc/aliases I have (for example): parse: |perl
> /path/to/my/perl/script/parse.pl
> 
> Its receiving the e-mail just fine, but I'm getting the following in a
> bounced reply:
> 
> <[EMAIL PROTECTED]>: Command died with status 9: "perl". Command output:
>Number found where operator expected at - line 1, near "Oct 20"  (Do you
>need to predeclare Oct?) Number found where operator expected at -
> line 1,
>near "20 15"  (Missing operator before  15?) Number found where operator
>expected at - line 1, near "03 2008"  (Missing operator before  2008?)
>Semicolon seems to be missing at - line 1.
> 

you have an error in your perl script.

> [snipped to save space]
> 
> <[EMAIL PROTECTED]>: cannot append message to file
>/path/to/my/perl/script/parse.pl: cannot open file:
>Permission denied
> 

why would you append a message to a perl script?

> 
> However, I know the perms for the file are proper:
> 
> -rwxr-xr-x 1 mail mail 1223 Oct 20 12:27 parse.pl
> 
> 
> I've run postalias /etc/aliases, so I know that much is working. I just
> can't for the life of me figure out why it's bailing. And for some
> reason, I can't find sysexits.h to see if I can glean more info from
> there. Can anyone shed some light on why its bailing when the script is
> getting its input?
> 

instead of showing bounce messages, show postfix logs and configuration.

Re: multiple mx and timeout question

[Jorey Bump]

Joey wrote, at 10/20/2008 12:42 PM:

> I just wanted to confirm something.
> 
> We are defining 3 servers for MX and the first one is basically nolisting.
> 
> Should any server trying to deliver to the first mx IMMEDIATELY try to
> connect to the second, or should we see a delay like with greylisting?
> 
> My understanding is there should be no delay, but we are seeing some
> messages coming in 30 minutes later delivery wise versus when it was
> sent from the client.

This depends on the origin domain, and involves a variety of factors,
including the software they use, their policy, load balancing, etc.

In my tests, most hosts retry immediately, and there is no noticeable
delay. Some sites, however, appear to put failed connections back into a
pool, and retries may occur up to an hour later (not always from the
same host).

You can monitor this with tcpdump, and verify the second connection
against your mail logs. This is the only way to prove that there was no
delay introduced at the sending site. A lot can happen between the
sender's client and the recipient's mailbox.

Re: Command died with status 9: "perl"

[Vadtec]

Sorry mouss, meant to send this to the mailing list, not you directly.




Actually, I just found the log file. Go figure, I was distracted
earlier. Turns out its a lock file creation issue.

Oct 20 18:18:09 example postfix/local[5396]: warning: unable to create
lock file /path/to/my/script/parse.pl.lock: Permission denied

However, I have the dir that parse.pl is located in chmod 775 and chown
root:postfix. I also tried chown root:mail.

drwxrwxr-x 2 root postfix 4096 Oct 20 18:02 script

Could it be a directory above script thats causing the issue? Surely I
don't need the dir chmod 777.

Vadtec
[EMAIL PROTECTED]

Re: Command died with status 9: "perl"

[Brian Evans - Postfix List]

Vadtec wrote:
> Sorry mouss, meant to send this to the mailing list, not you directly.
>
> Actually, I just found the log file. Go figure, I was distracted
> earlier. Turns out its a lock file creation issue.
>
> Oct 20 18:18:09 example postfix/local[5396]: warning: unable to create
> lock file /path/to/my/script/parse.pl.lock: Permission denied
>
> However, I have the dir that parse.pl is located in chmod 775 and chown
> root:postfix. I also tried chown root:mail.
>
> drwxrwxr-x 2 root postfix 4096 Oct 20 18:02 script
>
> Could it be a directory above script thats causing the issue? Surely I
> don't need the dir chmod 777.
'man 5 postconf' says:
---
default_privs (default: nobody)

The default rights used by the local(8) delivery agent for delivery
to external file or command. These rights are used when delivery is
requested from an aliases(5) file that is owned by root, or when
delivery is done on behalf of root. DO NOT SPECIFY A PRIVILEGED USER OR
THE POSTFIX OWNER.
---

To answer further, you need to know the owner of the map file.

Brian

Re: Command died with status 9: "perl"

[Vadtec]

Brian Evans - Postfix List wrote:

'man 5 postconf' says:
---
default_privs (default: nobody)

The default rights used by the local(8) delivery agent for delivery
to external file or command. These rights are used when delivery is
requested from an aliases(5) file that is owned by root, or when
delivery is done on behalf of root. DO NOT SPECIFY A PRIVILEGED USER OR
THE POSTFIX OWNER.
---

To answer further, you need to know the owner of the map file.

Brian

  


The file itself is chown mail:mail, so if I use the info from Wietse 
everything *should* work, correct? I can change the dir perms to be what 
they were before if necessary.


Thanks for the help, both Brian and Wietse.

Vadtec
[EMAIL PROTECTED]

Re: Command died with status 9: "perl"

[mouss]

[reposting to list, even if you posted other messages after this]

Vadtec a écrit :
>> you have an error in your perl script.
>>   
> Maybe.


debug the script. run it manually.

>>  
>>> [snipped to save space]
>>>
>>> <[EMAIL PROTECTED]>: cannot append message to file
>>>/path/to/my/perl/script/parse.pl: cannot open file:
>>>Permission denied
>>>
>>> 
>>
>> why would you append a message to a perl script?
>>   
> Because Perl has the nifty ability to receive from stdin so that I can
> parse the e-mail to extract data from it. I don't so much care about the
> e-mail it self.

That's not how I understand it. I understand it like this: the message
is being appended to (added to the end of) the file /path/.../parse.pl,
not being passed to stding after executing the script. To be clear, this
is like:

# cat message.eml >> /path/.../parse.pl

after a message is appended, the script is invalid (syntax errors). and
after more and more messages are appended, the script becomes larger and
larger. do you understand what I mean?


> parse: |perl /path/to/my/script/parse.pl

As Wietse said, quote the command:

parse: "|perl /path/to//parse.pl"

and instead of running perl like this, add "#!/usr/bin/perl" (adjust the
path if perl is somewhere else) at the beginning of the script, and make
the script executable. This way you can simply do

parse: "|/path/.../parse.pl"

it is a good security practice to always use absolute paths
(/usr/bin/perl instead of perl).


Finally, since the aliases file belongs to root, the script is executed
as "nobody", which explains the permission problems.

to run the script as a user "foo", put it in a separate file, say
foo_aliases and use

alias_maps =
hash:/etc/.../aliases
hash:/etc/postfix/foo_aliases

then chown foo_aliases to "foo".


An alternative is to use a transport in master.cf instead of using
alias_maps.

Re: Command died with status 9: "perl"

[Vadtec]

Thanks for all the great info.

mouss wrote:

[reposting to list, even if you posted other messages after this]

Vadtec a écrit :
  

you have an error in your perl script.
  
  

Maybe.




debug the script. run it manually.

  

I had already ran the script manually to verify it worked.
 
  

[snipped to save space]

<[EMAIL PROTECTED]>: cannot append message to file
   /path/to/my/perl/script/parse.pl: cannot open file:
   Permission denied




why would you append a message to a perl script?
  
  

Because Perl has the nifty ability to receive from stdin so that I can
parse the e-mail to extract data from it. I don't so much care about the
e-mail it self.



That's not how I understand it. I understand it like this: the message
is being appended to (added to the end of) the file /path/.../parse.pl,
not being passed to stding after executing the script. To be clear, this
is like:

# cat message.eml >> /path/.../parse.pl

after a message is appended, the script is invalid (syntax errors). and
after more and more messages are appended, the script becomes larger and
larger. do you understand what I mean?


  

parse: |perl /path/to/my/script/parse.pl



As Wietse said, quote the command:

parse: "|perl /path/to//parse.pl"

and instead of running perl like this, add "#!/usr/bin/perl" (adjust the
path if perl is somewhere else) at the beginning of the script, and make
the script executable. This way you can simply do

parse: "|/path/.../parse.pl"

it is a good security practice to always use absolute paths
(/usr/bin/perl instead of perl).

  
I rarely use relative paths. Once to often I've seen known binaries get 
messed with.


As for the fix, the only thing I didn't do was quote the command, which 
I have since done.

Finally, since the aliases file belongs to root, the script is executed
as "nobody", which explains the permission problems.

to run the script as a user "foo", put it in a separate file, say
foo_aliases and use

alias_maps =
hash:/etc/.../aliases
hash:/etc/postfix/foo_aliases

then chown foo_aliases to "foo".
  
To cure this, I set default_privs to "mail" and chowned the script and 
dir accordingly. I'm glad to say it worked. I'll also look into using 
the alias_maps method.


An alternative is to use a transport in master.cf instead of using
alias_maps.
  

This is above me at this point, but I will look into this as well.


Vadtec
[EMAIL PROTECTED]

Re: Command died with status 9: "perl"

[Wietse Venema]

Vadtec:
> Oct 20 18:18:09 example postfix/local[5396]: warning: unable to create
> lock file /path/to/my/script/parse.pl.lock: Permission denied

Postfix requires "|/path/to/my/script/parse.pl" if you want to
EXECUTE the script.

BTW Postfix will NOT execute the script with the privileges of the
"postfix" user. It uses "nobody" by default.

See: http://www.postfix.org/local.8.html

Wietse

Likely Spam.

[Linux Addict]

Hi, Looks like our MX servers are hit hard by a specific email address which
is sending frequent mails trying to use our relay effectively many mail
servers seems to be blacklisting.

Oct 20 18:20:05 mx01 postfix/qmgr[6512]: DBB784BE68E: from=<
[EMAIL PROTECTED]>, size=3309, nrcpt=1 (queue active)
Oct 20 18:20:05 mx0  postfix/error[9345]: DA960E73E11: to=<
[EMAIL PROTECTED]>, relay=none, delay=77080, delays=76950/130/0/0.01,
dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to
exchange.net Connection timed out)

Please help me stop this. Thank you!

~LA

Re: Books on Postfix

[Stephen Holmes]

Well, there's the de facto 'POSTFIX - state of the art message
transport' by Hilderbrandt and Koetter.  I found it invaluable, readable
and relatively thorough.  That said, this list is populated with some
incredible minds that would complement any text!

S.
 


Guy wrote:
> Hi guys,
>
> I'm running a few postfix servers at the moment, but I don't really
> understand postfix very well so I'm looking for some good books on it.
> Preferably one that includes the basics to start with.
> Can anyone recommend one or two good books for me to start with? The
> Book of Postfix has good recommendations after a quick bit of
> googling, but I figured it wouldn't hurt to ask about any others.
>
> Thanks
> Guy
>
> -- 
> Don't just do something...sit there!


-- 
s  t  e  p  h  e  nh  o  l  m  e  s
stephen [at] gallopinggreen [dot] com

skype: stephen.holmes
aol  : i18ndoc
gtalk: [EMAIL PROTECTED]
msn  : [EMAIL PROTECTED]

Re: Likely Spam.

[Neil]

On 20 Oct 2008, at 18:24, Linux Addict wrote:

Hi, Looks like our MX servers are hit hard by a specific email  
address which is sending frequent mails trying to use our relay  
effectively many mail servers seems to be blacklisting.



Oct 20 18:20:05 mx01 postfix/qmgr[6512]: DBB784BE68E: from=<[EMAIL PROTECTED] 
>, size=3309, nrcpt=1 (queue active)
Oct 20 18:20:05 mx0  postfix/error[9345]: DA960E73E11: to=<[EMAIL PROTECTED] 
>, relay=none, delay=77080, delays=76950/130/0/0.01, dsn=4.4.1,  
status=deferred (delivery temporarily suspended: connect to  
exchange.net Connection timed out)


Please help me stop this. Thank you!

~LA


Unless I'm mistaken (and I'm not the most knowledgeable person on this  
list), I think your server thinks it's okay to accept mail for the  
domain "exchange.net" (and I'm assuming "exchange.net" isn't yours).   
So to fix this, you need to tell postfix only to accept mail for your  
domains.  I think you should check my_destination, relay_domains, etc.


Post the output of "postconf -n".

-N.

Re: Likely Spam.

[Linux Addict]

On Mon, Oct 20, 2008 at 6:33 PM, Neil <[EMAIL PROTECTED]> wrote:

> On 20 Oct 2008, at 18:24, Linux Addict wrote:
>
> Hi, Looks like our MX servers are hit hard by a specific email address
> which is sending frequent mails trying to use our relay effectively many
> mail servers seems to be blacklisting.
>
> Oct 20 18:20:05 mx01 postfix/qmgr[6512]: DBB784BE68E: from=<
> [EMAIL PROTECTED]>, size=3309, nrcpt=1 (queue active)
> Oct 20 18:20:05 mx0  postfix/error[9345]: DA960E73E11: to=<
> [EMAIL PROTECTED]>, relay=none, delay=77080,
> delays=76950/130/0/0.01, dsn=4.4.1, status=deferred (delivery temporarily
> suspended: connect to exchange.net Connection timed out)
>
> Please help me stop this. Thank you!
>
> ~LA
>
>
> Unless I'm mistaken (and I'm not the most knowledgeable person on this
> list), I think your server thinks it's okay to accept mail for the domain "
> exchange.net" (and I'm assuming "exchange.net" isn't yours).  So to fix
> this, you need to tell postfix only to accept mail for your domains.  I
> think you should check my_destination, relay_domains, etc.
>
> Post the output of "postconf -n".
>
> -N.
>


Thanks for your reply.


mydestination = $myhostname
relay_domains = $mydestination

Actually its not just exchange.net, most of the mails are being sent to
bellsouth.net

Oct 20 18:37:27 mx01 postfix/qmgr[6597]: 5CE74D08FE1: from=<
[EMAIL PROTECTED]>, size=3237, nrcpt=1 (queue active)
Oct 20 18:37:27 mx01 postfix/error[6838]: 57AD01031088: to=<
[EMAIL PROTECTED]>, relay=none, delay=14928, delays=14928/0.05/0/0,
dsn=4.0.0, status=deferred (delivery temporarily suspended: host
gateway-f2.isp.att.net[207.115.11.16] refused to talk to me: 450 too
frequent connects from 63.240.86.13, please try again later.)


Thanks
LA

Re: Likely Spam.

[Neil]

On 20 Oct 2008, at 18:39, Linux Addict wrote:




On Mon, Oct 20, 2008 at 6:33 PM, Neil <[EMAIL PROTECTED]> wrote:
On 20 Oct 2008, at 18:24, Linux Addict wrote:

Hi, Looks like our MX servers are hit hard by a specific email  
address which is sending frequent mails trying to use our relay  
effectively many mail servers seems to be blacklisting.



Oct 20 18:20:05 mx01 postfix/qmgr[6512]: DBB784BE68E: from=<[EMAIL PROTECTED] 
>, size=3309, nrcpt=1 (queue active)
Oct 20 18:20:05 mx0  postfix/error[9345]: DA960E73E11: to=<[EMAIL PROTECTED] 
>, relay=none, delay=77080, delays=76950/130/0/0.01, dsn=4.4.1,  
status=deferred (delivery temporarily suspended: connect to  
exchange.net Connection timed out)


Please help me stop this. Thank you!

~LA


Unless I'm mistaken (and I'm not the most knowledgeable person on  
this list), I think your server thinks it's okay to accept mail for  
the domain "exchange.net" (and I'm assuming "exchange.net" isn't  
yours).  So to fix this, you need to tell postfix only to accept  
mail for your domains.  I think you should check my_destination,  
relay_domains, etc.


Post the output of "postconf -n".

-N.


Thanks for your reply.


mydestination = $myhostname
relay_domains = $mydestination

Actually its not just exchange.net, most of the mails are being sent  
to bellsouth.net


Oct 20 18:37:27 mx01 postfix/qmgr[6597]: 5CE74D08FE1: from=<[EMAIL PROTECTED] 
>, size=3237, nrcpt=1 (queue active)
Oct 20 18:37:27 mx01 postfix/error[6838]: 57AD01031088: to=<[EMAIL PROTECTED] 
>, relay=none, delay=14928, delays=14928/0.05/0/0, dsn=4.0.0,  
status=deferred (delivery temporarily suspended: host gateway- 
f2.isp.att.net[207.115.11.16] refused to talk to me: 450 too  
frequent connects from 63.240.86.13, please try again later.)



Thanks
LA


I don't think you need $mydestination in relay_domains.  And the rest  
of postconf -n would still be useful.

Re: Likely Spam.

[Linux Addict]

On Mon, Oct 20, 2008 at 6:41 PM, Neil <[EMAIL PROTECTED]> wrote:

>
> On 20 Oct 2008, at 18:39, Linux Addict wrote:
>
>
>
> On Mon, Oct 20, 2008 at 6:33 PM, Neil <[EMAIL PROTECTED]> wrote:
>
>> On 20 Oct 2008, at 18:24, Linux Addict wrote:
>>
>> Hi, Looks like our MX servers are hit hard by a specific email address
>> which is sending frequent mails trying to use our relay effectively many
>> mail servers seems to be blacklisting.
>>
>> Oct 20 18:20:05 mx01 postfix/qmgr[6512]: DBB784BE68E: from=<
>> [EMAIL PROTECTED]>, size=3309, nrcpt=1 (queue active)
>> Oct 20 18:20:05 mx0  postfix/error[9345]: DA960E73E11: to=<
>> [EMAIL PROTECTED]>, relay=none, delay=77080,
>> delays=76950/130/0/0.01, dsn=4.4.1, status=deferred (delivery temporarily
>> suspended: connect to exchange.net Connection timed out)
>>
>> Please help me stop this. Thank you!
>>
>> ~LA
>>
>>
>> Unless I'm mistaken (and I'm not the most knowledgeable person on this
>> list), I think your server thinks it's okay to accept mail for the domain "
>> exchange.net" (and I'm assuming "exchange.net" isn't yours).  So to fix
>> this, you need to tell postfix only to accept mail for your domains.  I
>> think you should check my_destination, relay_domains, etc.
>>
>> Post the output of "postconf -n".
>>
>> -N.
>>
>
>
> Thanks for your reply.
>
>
> mydestination = $myhostname
> relay_domains = $mydestination
>
> Actually its not just exchange.net, most of the mails are being sent to
> bellsouth.net
>
> Oct 20 18:37:27 mx01 postfix/qmgr[6597]: 5CE74D08FE1: from=<
> [EMAIL PROTECTED]>, size=3237, nrcpt=1 (queue active)
> Oct 20 18:37:27 mx01 postfix/error[6838]: 57AD01031088: to=<
> [EMAIL PROTECTED]>, relay=none, delay=14928, delays=14928/0.05/0/0,
> dsn=4.0.0, status=deferred (delivery temporarily suspended: host
> gateway-f2.isp.att.net[207.115.11.16] refused to talk to me: 450 too
> frequent connects from 63.240.86.13, please try again later.)
>
>
> Thanks
> LA
>
>
> I don't think you need $mydestination in relay_domains.  And the rest of
> postconf -n would still be useful.
>



alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 50
disable_vrfy_command = yes
fallback_transport = maildrop
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
local_recipient_maps = proxy:unix:passwd.byname $virtual_alias_maps
$alias_maps
mail_owner = postfix
mail_spool_directory = /var/spool/mail
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
mydestination = $myhostname
mydomain = example.net
myhostname = mx02.example.net
mynetworks = /etc/postfix/network_table
mynetworks_style = class
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
relay_domains = $mydestination
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_hostname,
  reject_invalid_hostname, permit
smtpd_recipient_limit = 300
smtpd_recipient_restrictions = permit_mynetworks,
 permit_sasl_authenticated,reject_unauth_destination,
 reject_invalid_hostname,reject_unauth_pipelining,
 reject_non_fqdn_sender,reject_unknown_sender_domain,
 reject_non_fqdn_recipient,reject_unknown_recipient_domain,
 reject_rbl_client blackholes.easynet.nl,reject_rbl_client
cbl.abuseat.org,reject_rbl_client proxies.blackholes.wirehub.net,
 reject_rbl_client bl.spamcop.net,reject_rbl_client sbl.spamhaus.org,
 reject_rbl_client dnsbl.njabl.org,reject_rbl_client list.dsbl.org,
 reject_rbl_client multihop.dsbl.org,permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /usr/share/ssl/certs/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /usr/share/ssl/certs/cert.pem
smtpd_tls_key_file = /usr/share/ssl/certs/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_exchange_name = /var/lib/postfix/prng_exch
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/maps/pf_aliases
virtual_gid_maps = static:102
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = hash:/etc/postfix/maps/pf_domain
virtual_mailbox_limit = 5120
virtual_mailbox_maps = hash:/etc/postfix/maps/pf_domain_mailboxes
virtual_minimum_uid = 102
virtual_transport = maildrop
virtual_uid_maps = static:102

Re: Likely Spam.

[Neil]

On 20 Oct 2008, at 18:45, Linux Addict wrote:


On Mon, Oct 20, 2008 at 6:41 PM, Neil <[EMAIL PROTECTED]> wrote:

On 20 Oct 2008, at 18:39, Linux Addict wrote:




On Mon, Oct 20, 2008 at 6:33 PM, Neil <[EMAIL PROTECTED]> wrote:
On 20 Oct 2008, at 18:24, Linux Addict wrote:

Hi, Looks like our MX servers are hit hard by a specific email  
address which is sending frequent mails trying to use our relay  
effectively many mail servers seems to be blacklisting.



Oct 20 18:20:05 mx01 postfix/qmgr[6512]: DBB784BE68E: from=<[EMAIL PROTECTED] 
>, size=3309, nrcpt=1 (queue active)
Oct 20 18:20:05 mx0  postfix/error[9345]: DA960E73E11: to=<[EMAIL PROTECTED] 
>, relay=none, delay=77080, delays=76950/130/0/0.01, dsn=4.4.1,  
status=deferred (delivery temporarily suspended: connect to  
exchange.net Connection timed out)


Please help me stop this. Thank you!

~LA


Unless I'm mistaken (and I'm not the most knowledgeable person on  
this list), I think your server thinks it's okay to accept mail for  
the domain "exchange.net" (and I'm assuming "exchange.net" isn't  
yours).  So to fix this, you need to tell postfix only to accept  
mail for your domains.  I think you should check my_destination,  
relay_domains, etc.


Post the output of "postconf -n".

-N.


Thanks for your reply.


mydestination = $myhostname
relay_domains = $mydestination

Actually its not just exchange.net, most of the mails are being  
sent to bellsouth.net


Oct 20 18:37:27 mx01 postfix/qmgr[6597]: 5CE74D08FE1: from=<[EMAIL PROTECTED] 
>, size=3237, nrcpt=1 (queue active)
Oct 20 18:37:27 mx01 postfix/error[6838]: 57AD01031088: to=<[EMAIL PROTECTED] 
>, relay=none, delay=14928, delays=14928/0.05/0/0, dsn=4.0.0,  
status=deferred (delivery temporarily suspended: host gateway- 
f2.isp.att.net[207.115.11.16] refused to talk to me: 450 too  
frequent connects from 63.240.86.13, please try again later.)



Thanks
LA


I don't think you need $mydestination in relay_domains.  And the  
rest of postconf -n would still be useful.




[snip]

smtpd_recipient_restrictions = permit_mynetworks, 
permit_sasl_authenticated,reject_unauth_destination, 
reject_invalid_hostname,reject_unauth_pipelining, 
reject_non_fqdn_sender,reject_unknown_sender_domain, 
reject_non_fqdn_recipient,reject_unknown_recipient_domain, 
reject_rbl_client blackholes.easynet.nl,reject_rbl_client  
cbl.abuseat.org,reject_rbl_client  
proxies.blackholes.wirehub.net,reject_rbl_client  
bl.spamcop.net,reject_rbl_client sbl.spamhaus.org, 
reject_rbl_client dnsbl.njabl.org,reject_rbl_client  
list.dsbl.org,reject_rbl_client multihop.dsbl.org,permit


You have a lot of stuff here that I'm not sure about, but the above,  
in particular, I think is wrong.


First, I don't think you should have "permit" as the last item.  That  
is probably your problem.  It should probably be "reject", or not  
there at all (at which point I think it defaults to "reject").


But while we're here, I don't think you can/should be putting the  
following in smtpd_recipient_restrictions:

reject_invalid_hostname (smtpd_helo_restrictions)
reject_unauth_pipelining (smtpd_data_restrictions)
reject_non_fdqn_sender (smtpd_sender_restrictions)
reject_unknown_sender_domain (smtpd_sender_restrictions)

The smtpd_recipient_restrictions should only hold conditions for the  
RCPT TO part of the smtp transaction.  Those settings listed above  
take place during other stages of the smtp transaction.  If you look  
at the Postfix documentation for smtpd_recipient_restrictions, you'll  
see what the valid options are for that setting.  In parenthesis, I  
put the setting which those options should go in, if you want them at  
all.  I'm not sure if giving these in smtpd_recipient_restrictions  
would do anything to Postfix (though I suspect Wietse has coded it to  
just ignore these mistakes).



[snip]


I'm not sure if you need everything that you put in your config; in  
some cases I suspect you're overriding defaults for no reason (which  
you shouldn't do; Postfix's default usually do the right thing).  But  
I'll leave the rest of your config for someone with a little more  
expertise to comment on...


(And I hope people will correct us if I've given you bad advice.)

-N.

Re: Likely Spam.

[Wietse Venema]

Neil:
> 
> On 20 Oct 2008, at 18:45, Linux Addict wrote:
> >
> > On Mon, Oct 20, 2008 at 6:41 PM, Neil <[EMAIL PROTECTED]> wrote:
> >
> > On 20 Oct 2008, at 18:39, Linux Addict wrote:
> >
> >>
> >>
> >> On Mon, Oct 20, 2008 at 6:33 PM, Neil <[EMAIL PROTECTED]> wrote:
> >> On 20 Oct 2008, at 18:24, Linux Addict wrote:
> >>
> >>> Hi, Looks like our MX servers are hit hard by a specific email  
> >>> address which is sending frequent mails trying to use our relay  
> >>> effectively many mail servers seems to be blacklisting.
> >>>
> >>>
> >>> Oct 20 18:20:05 mx01 postfix/qmgr[6512]: DBB784BE68E: from=<[EMAIL 
> >>> PROTECTED] 
> >>> >, size=3309, nrcpt=1 (queue active)
> >>> Oct 20 18:20:05 mx0  postfix/error[9345]: DA960E73E11: to=<[EMAIL 
> >>> PROTECTED] 
> >>> >, relay=none, delay=77080, delays=76950/130/0/0.01, dsn=4.4.1,  
> >>> status=deferred (delivery temporarily suspended: connect to  
> >>> exchange.net Connection timed out)
> >>>
> >>> Please help me stop this. Thank you!
> >>>
> >>> ~LA
> >>
> >> Unless I'm mistaken (and I'm not the most knowledgeable person on  
> >> this list), I think your server thinks it's okay to accept mail for  
> >> the domain "exchange.net" (and I'm assuming "exchange.net" isn't  
> >> yours).  So to fix this, you need to tell postfix only to accept  
> >> mail for your domains.  I think you should check my_destination,  
> >> relay_domains, etc.
> >>
> >> Post the output of "postconf -n".
> >>
> >> -N.
> >>
> >>
> >> Thanks for your reply.
> >>
> >>
> >> mydestination = $myhostname
> >> relay_domains = $mydestination
> >>
> >> Actually its not just exchange.net, most of the mails are being  
> >> sent to bellsouth.net
> >>
> >> Oct 20 18:37:27 mx01 postfix/qmgr[6597]: 5CE74D08FE1: from=<[EMAIL 
> >> PROTECTED] 
> >> >, size=3237, nrcpt=1 (queue active)
> >> Oct 20 18:37:27 mx01 postfix/error[6838]: 57AD01031088: to=<[EMAIL 
> >> PROTECTED] 
> >> >, relay=none, delay=14928, delays=14928/0.05/0/0, dsn=4.0.0,  
> >> status=deferred (delivery temporarily suspended: host gateway- 
> >> f2.isp.att.net[207.115.11.16] refused to talk to me: 450 too  
> >> frequent connects from 63.240.86.13, please try again later.)
> >>
> >>
> >> Thanks
> >> LA
> >
> > I don't think you need $mydestination in relay_domains.  And the  
> > rest of postconf -n would still be useful.
> >
> >
> >
> > [snip]
> >
> > smtpd_recipient_restrictions = permit_mynetworks, 
> > permit_sasl_authenticated,reject_unauth_destination, 
> > reject_invalid_hostname,reject_unauth_pipelining, 
> > reject_non_fqdn_sender,reject_unknown_sender_domain, 
> > reject_non_fqdn_recipient,reject_unknown_recipient_domain, 
> > reject_rbl_client blackholes.easynet.nl,reject_rbl_client  
> > cbl.abuseat.org,reject_rbl_client  
> > proxies.blackholes.wirehub.net,reject_rbl_client  
> > bl.spamcop.net,reject_rbl_client sbl.spamhaus.org, 
> > reject_rbl_client dnsbl.njabl.org,reject_rbl_client  
> > list.dsbl.org,reject_rbl_client multihop.dsbl.org,permit
> 
> You have a lot of stuff here that I'm not sure about, but the above,  
> in particular, I think is wrong.
> 
> First, I don't think you should have "permit" as the last item.  That  
> is probably your problem.  It should probably be "reject", or not  
> there at all (at which point I think it defaults to "reject").

Permit at the end is OK. He has reject_unauth_destination early in
smtpd_recipient_restrictions, so Postfix will accept only mail that
matches mydestination, relay_domains or one of the virtual_*_domains
tables.

Wietse

Postfix + openldap deliver each emails to Cyrus imapd +any IMAP server. Possible???

[Steven Truong]

Dear, all.  I am running into a scenario where I might need to deliver
the same incoming email for a user to 2 different IMAP servers.

Is there anyway to implement it with Postfix with its various transport maps?

I have for example [EMAIL PROTECTED] and I would like all emails for
this user to be delivered to 2 different imapd servers.  I would like
to do that because the first imap server store all emails in Mysql or
DB database and I do not like this architect so much.  I also have a
Cyrus IMAP server that has run for a couple of years without any
problems and I would like to have this Cyrus IMAP server as a
backup/archive of users emails.

I also think of another possiblities that instead of having this Cyrus
IMAP server, I might have a Mail ARCHIVA http://www.mailarchiva.com/
to backup all emails.  In this scenario I only have one IMAP server
that stores all emails in MySQL or DB database and if the database got
corrupted and I failed to recover its database then that would be
extremely bad and unacceptable. I might recover users' emails from
Mail Archiva but the process might be very tedious and cumbersome.

Is there anyway to achieve what I would like to do?

Thank you very much.

Re: Likely Spam.

[Charles Marcus]

On 10/20/2008 Linux Addict wrote:

mynetworks = /etc/postfix/network_table


Contents of this file could be instructive...

Re: Likely Spam.

[Linux Addict]

On Mon, Oct 20, 2008 at 9:53 PM, Charles Marcus
<[EMAIL PROTECTED]>wrote:

> On 10/20/2008 Linux Addict wrote:
>
>> mynetworks = /etc/postfix/network_table
>>
>
> Contents of this file could be instructive...
>


All I have on the file is RFC 1918 Address Space.

Re: Likely Spam.

[Noel Jones]

Linux Addict wrote:



On Mon, Oct 20, 2008 at 9:53 PM, Charles Marcus 
<[EMAIL PROTECTED] > wrote:


On 10/20/2008 Linux Addict wrote:

mynetworks = /etc/postfix/network_table


Contents of this file could be instructive...



All I have on the file is RFC 1918 Address Space. 



Track one of the QUEUEIDs and see where the mail entered your 
system.


Looks as if you're sending spam.  Maybe you have a compromised 
PC or a exploited web server, but you'll need to track the 
QUEUEID to see where it came from.


--
Noel Jones

Temporarily REJECTing *everything*

[Gerald V. Livingston II]

What do I need to change in main or master to 55x ALL MAIL for a while?

I've changed my MX records to point to a different host and I'll 
probably retask this one later, but, at the moment it is still set up to 
deliver mail that arrives with valid usernames and with the new MX 
records the only mail coming in will be spam sent direct using cached 
records.


I want to have it reject EVERYTHING for a while before I change the IP 
and retask it but I don't want to completely wipe out the current 
config, hopefully just add a directive that can be removed later. Being 
able to add text to the effect that our MX has changed would be nice so 
if any legitimate emails do come through there's a chance that a human 
will read the notice.


Thanks,

Gerald

Re: Temporarily REJECTing *everything*

[Nikita Kipriyanov]

Gerald V. Livingston II пишет:

What do I need to change in main or master to 55x ALL MAIL for a while?

For example, use
smtpd_helo_restrictions = reject
or any other smtpd_*_restrictions = reject


I've changed my MX records to point to a different host and I'll 
probably retask this one later, but, at the moment it is still set up 
to deliver mail that arrives with valid usernames and with the new MX 
records the only mail coming in will be spam sent direct using cached 
records.


I want to have it reject EVERYTHING for a while before I change the IP 
and retask it but I don't want to completely wipe out the current 
config, hopefully just add a directive that can be removed later. 
Being able to add text to the effect that our MX has changed would be 
nice so if any legitimate emails do come through there's a chance that 
a human will read the notice.


Thanks,

Gerald

Re: Likely Spam.

[Nikita Kipriyanov]

Linux Addict пишет:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 50
disable_vrfy_command = yes
fallback_transport = maildrop
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
  



local_recipient_maps = proxy:unix:passwd.byname $virtual_alias_maps $alias_maps
  

Why virtual_alias_maps is here? I think, it is a mistake; to use virtual
domains, define other variables, and leave local_* in rest. If incoming
mail belongs to any virtual domain (from virtual_alias_domains or
virtual_mailbox_domains), it checked against virtual_alias_maps and
virtual_mailbox_maps; local_* aren't used.

mail_owner = postfix
mail_spool_directory = /var/spool/mail
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
mydestination = $myhostname
mydomain = example.net
myhostname = mx02.example.net
mynetworks = /etc/postfix/network_table
mynetworks_style = class
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
relay_domains = $mydestination
  

relay domains is list of domains for which this server is a backup MX.
You're setting a primary MX host, right?

sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_hostname,
  reject_invalid_hostname, permit
smtpd_recipient_limit = 300
smtpd_recipient_restrictions = permit_mynetworks,
 permit_sasl_authenticated,reject_unauth_destination,
 reject_invalid_hostname,reject_unauth_pipelining,
 reject_non_fqdn_sender,reject_unknown_sender_domain,
 reject_non_fqdn_recipient,reject_unknown_recipient_domain,
 reject_rbl_client blackholes.easynet.nl,reject_rbl_client
cbl.abuseat.org,reject_rbl_client proxies.blackholes.wirehub.net,
 reject_rbl_client bl.spamcop.net,reject_rbl_client sbl.spamhaus.org,
 reject_rbl_client dnsbl.njabl.org,reject_rbl_client list.dsbl.org,
 reject_rbl_client multihop.dsbl.org,permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /usr/share/ssl/certs/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /usr/share/ssl/certs/cert.pem
smtpd_tls_key_file = /usr/share/ssl/certs/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_exchange_name = /var/lib/postfix/prng_exch
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/maps/pf_aliases
virtual_gid_maps = static:102
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = hash:/etc/postfix/maps/pf_domain
virtual_mailbox_limit = 5120
virtual_mailbox_maps = hash:/etc/postfix/maps/pf_domain_mailboxes
virtual_minimum_uid = 102
virtual_transport = maildrop
virtual_uid_maps = static:102