Header/body checks question, problem.

[KLaM Postmaster]

I am having a problem with some legitimate emails being rejected by
header and/or body checks. Both the header and body checks are from
Jeffrey Posluns' write up,without any mods.
Among the stuff being rejected is the output of pflogsumm, I run a daily
a report and email it to postmaster. I was not getting the reports so I
checked the maillog and found that these messages, among others, were
being rejected with "Your email is not using a proper character set.
...". In the case of pflogsumm, and some of the other automatic email, I
really don't have much say in its internal format.

1) As I try to control spam by using amavisd, spamassassin, clamv,
postgrey and so far seem doing OK (touch wood), are header and/or body
check worthwhile as an anti-spam measures. Could they be dropped.

2) If they are worthwhile, is there a way of not applying them to all 
mail except that destined for postmaster. If I understood the
documentation it would seem that  these checks are applied by "cleanup"
after the other checks have been completed and are not susceptible to
access checks. If this is the case, is there some other way of making
them conditional on recipient, something like an access list to these
checks.

=

As I administer a very small number of virtual users I put the attached
script together to help me. Any thoughts, ways of doing the same thing
only better etc.

TIA
JLA

#!/bin/bash
#
# Copyright (C) 2007 John L Allen 
#
#This program is free software; you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation; either version 2 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License along
#with this program; if not, write to the Free Software Foundation, Inc.,
#51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
#
#
#  setup global variables 
#  - user 
#  - domain
#  - password
user=''
domain=''
passwd=''
#
#  - paths as variables to make debugging easier
#
dovecot_dir='/etc/dovecot'  # location of Dovecot users and 
password files
postfix_dir='/etc/postfix/maps' # loction of postfix configuration files
uid='vmail' # uid of virtual mailboxes
gid='vmail' # gid of virtual 
mailboxes
maildir='/var/mail/vhosts/' # location of virtual mailboxes

display_usage ()
{
echo "usage is ./freda options email_address  [password]"
echo "  options are: -a | --add Add a virtual email user, this adds 
a user record to the Dovecot user file,"
echo "  the Dovecot password file, and the 
Postfix virtual mailbox map."
echo " "
echo "   -u | --update  Updates user information."
echo "  The only field that can be updated 
is the password."
echo " "
echo "   -d | --delete  Removes a user. removes entries in 
all files,"
echo "  includes deleting the users 
/Maildir and all its content (disabled)."
echo " "
echo "   -l | --lockLocks a user out by disabling their 
password."
echo " "
echo "   -e | --enable  Unlocks a user out by enabling 
their password."
echo " "
echo "  Note: if the password is not entered on the command line the 
user will be prompted for one."
}
#
#
#
if (( $# < 2 )) 
# check 
we have enough parameters
then 
display_usage   
# not 
enough display usage data
exit 1  

# bye bye
fi

if grep -q "$2" "$dovecot_dir/users";   
# is this user already on file
then
if [[ "$1" == "--add" || "$1" == "-a" ]]
# yes, are we trying to add 
them again
then 
echo "$2 already in the dovecot user file, try 
another option." # yep, and that's a problem
exit 2  
   

Re: Postix relay gateway - "Recipient address rejected" notification verbosity ...

[mouss]

Antony a écrit :
> Happy new year to all of you ! ;o)
> 

Bonne année!

>  [snip]
> 
> smtpd_recipient_restrictions =
> 
> reject_invalid_hostname,
> 
> reject_non_fqdn_helo_hostname,
> 
> reject_non_fqdn_hostname,
> 

this is the same as reject_non_fqdn_helo_hostname



> reject_non_fqdn_sender,
> 
> reject_non_fqdn_recipient,
> 
> reject_unknown_sender_domain,
> 
> reject_unknown_recipient_domain,
> 



put reject_unlisted_recipient here.


> reject_unverified_recipient,
> 
> reject_invalid_helo_hostname,

this is the same as reject_invalid_hostname above.

> reject_unlisted_recipient,
see above.

> 
> check_recipient_maps,

what's this?

> 
> reject_unlisted_sender,
> 
> permit_mynetworks,
> 
> permit_sasl_authenticated,
> 
> reject_unauth_destination,
> 
> reject_rbl_client bl.spamcop.net,
> 
> reject_rbl_client list.dsbl.org,

dsbl is dead.

> 
> reject_rbl_client zen.spamhaus.org,
> 
> reject_rbl_client cbl.abuseat.org,

cbl is included in zen, so remove it.

> 
> check_policy_service inet:127.0.0.1:6,
> 

Re: Allowing return email

[mouss]

Ralf Hildebrandt a écrit :
> * postfix@cmulcahy.com :
>> Greetings:
>>
>> I'm running several spam-filtering tools including Postgrey,  
>> SpamAssassin, etc.  I would like to make replying to mail I have sent  
>> easier. 
>>
>> How can I automatically white-list addresses to whom I have sent email? 
> 
> SpamAssassin has "PenPals" for exactly that
> 

you mean amavisd-new?

Re: Header/body checks question, problem.

[Wietse Venema]

KLaM Postmaster:
> Among the stuff being rejected is the output of pflogsumm, I run a daily
> a report and email it to postmaster. I was not getting the reports so I

See http://www.postfix.org/http://www.postfix.org/BUILTIN_FILTER_README.html
section "Preventing daily mail status reports from being blocked".

Wietse

Re: localhost and smarthost

[Asif Iqbal]

On Sun, Jan 4, 2009 at 6:11 AM, mouss  wrote:
> Asif Iqbal a écrit :
>> Hi All
>>
>> All my email gets relayed thru gmail as it should. But how do I tell
>> it to send all localemails to local spool and not send it to gmail?

I see qmgr sends the mail to smtp and local like in this flowchart

http://www.postfix.org/OVERVIEW.html#delivering

How do I tell qmgr which one should be delivered to local and which one to smtp?

>>
>
> what kind of "localemails"? if these use a local domain, add the domain
> to mydestination. if they use an external domain, use
> virtual_alias_maps. for example:
>
> vad...@gmail.comiq...@localhost
>
>
>> My laptop does not have any valid domain
>>
>
> You could get a free one at dyndns.
>
>> My postfix configured like this
>>
>> iqb...@ghar-iqbala:~$ postconf -n
>> alias_database = hash:/etc/aliases
>> alias_maps = hash:/etc/aliases
>> append_dot_mydomain = no
>> biff = no
>> config_directory = /etc/postfix
>> inet_interfaces = all
>> mailbox_size_limit = 0
>> mydestination = ghar, ghar-iqbala, localhost.localdomain, localhost
>> myhostname = ghar-iqbala
>
> myhostname should be fqdn.
>
>> mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128
>> readme_directory = no
>> recipient_delimiter = +
>> relayhost = [smtp.gmail.com]:submission
>> smtp_sasl_auth_enable = yes
>> smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd
>> smtp_sasl_security_options = noanonymous
>> smtp_sasl_type = cyrus
>> smtp_tls_security_level = encrypt
>> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
>> smtp_use_tls = yes
>> smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
>> smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
>> smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
>> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
>> smtpd_use_tls = yes
>>
>>
>>
>
>



-- 
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu

Re: Allowing return email

[postfix . org]

Ralf Hildebrandt wrote:
How can I automatically white-list addresses to whom I have sent email? 


SpamAssassin has "PenPals" for exactly that
  

you mean amavisd-new?


Ah, yes, I suck. I expect everybody to use amavisd-new to integrate SA
:)
  
Thanks for all of the advice.  I'm going to check out amavisd-new to see 
what it is and figure out if I can make it work.  After that, I'll look 
into parsing my outgoing mail and creating the whitelist. 


I'll let you know what I learn.

Thanks,
Chris

Re: syslog convert to lowercase

[Henrik K]

On Sun, Jan 04, 2009 at 08:33:12PM +0530, Ramprasad wrote:
>
> My logfiles are approx 1.5 GB each, if we rotate twice a day
> grep sender.*recipient $logfile is really much much  faster than  grep
> -i sender.*recipient $logfile
> IMHO grep would  not count as lousy code ( on linux )

And are you sure you tested this scientifically with multiple runs? OS
cache might play a factor there.

RE: Postix relay gateway - "Recipient address rejected" notification verbosity ...

[Antony]

My version is an etch 2.3.8.
Even if I'm french, I think my version number is in the scope ;o)

Here are the postfix log I omit to give you :

Jan  3 22:53:03 mx1 postfix/smtpd[16104]: connect from
postfix2-g20.free.fr[212.27.60.43]
Jan  3 22:53:03 mx1 postfix/cleanup[16114]: ED3552DE159:
message-id=<20090103215303.ed3552de...@mx1.mydomain.com>
Jan  3 22:53:03 mx1 postfix/qmgr[16093]: ED3552DE159:
from=, size=289, nrcpt=1 (queue active)
Jan  3 22:53:04 mx1 postfix/smtp[16115]: ED3552DE159:
to=, relay=mx2.mydomain.com[xx.xx.xx.xx]:25, delay=0.5,
delays=0.01/0.02/0.08/0.39, dsn=5.1.1, status=undeliverable (host
mx2.mydomain.com[xx.xx.xx.xx] said: 550 5.1.1 :
Recipient address rejected: User unknown in local recipient table (in reply
to RCPT TO command))
Jan  3 22:53:04 mx1 postfix/qmgr[16093]: ED3552DE159: removed
Jan  3 22:53:06 mx1 postfix/smtpd[16104]: NOQUEUE: reject: RCPT from
postfix2-g20.free.fr[212.27.60.43]: 550 5.1.1 :
Recipient address rejected: undeliverable address: host
mx2.mydomain.com[xx.xx.xx.xx] said: 550 5.1.1 :
Recipient address rejected: User unknown in local recipient table (in reply
to RCPT TO command); from= to=
proto=ESMTP helo=
Jan  3 22:53:07 mx1 postfix/smtpd[16104]: disconnect from
postfix2-g20.free.fr[212.27.60.43]

Regards,
Antony

-Message d'origine-
De : Wietse Venema [mailto:wie...@porcupine.org] 
Envoyé : dimanche 4 janvier 2009 00:55
À : anto_neohap...@abruti.org
Cc : 'Postfix users'
Objet : Re: Postix relay gateway - "Recipient address rejected" notification
verbosity ...

Antony:
> I have tried to add :
> unverified_recipient_reject_reason = Unknown user !
> 
> but no way, the error message is the same ...

v
Postfix 2.6 and later allow you to override the SMTP server
^ 
response with the unverified_recipient_reject_reason parameter.


> Antony
> 
> -Message d'origine-
> De?: owner-postfix-us...@postfix.org
> [mailto:owner-postfix-us...@postfix.org] De la part de Wietse Venema
> Envoy??: dimanche 4 janvier 2009 00:36
> ??: Postfix users
> Objet?: Re: Postix relay gateway - "Recipient address rejected"
notification
> verbosity ...
> 
> Postfix 2.6 and later allow you to override the SMTP server
> response with the unverified_recipient_reject_reason parameter.
> 
> See http://www.postfix.org/ADDRESS_VERIFICATION_README.html
> 
>   Wietse


!DSPAM:495ffaff74371607148689!

[RESOLVED] Postix relay gateway - "Recipient address rejected" notification verbosity ...

[Antony]

Nice !!

Jan  4 12:13:00 mx1 postfix/smtpd[17608]: connect from
smtp7-g19.free.fr[212.27.42.64]
Jan  4 12:13:00 mx1 postfix/smtpd[17608]: NOQUEUE: reject: RCPT from
smtp7-g19.free.fr[212.27.42.64]: 550 5.1.1 : Recipient
address rejected: User unknown; from= to=
proto=ESMTP helo=
Jan  4 12:13:00 mx1 postfix/smtpd[17608]: disconnect from
smtp7-g19.free.fr[212.27.42.64]

"check_recipient_maps" remains from previous attempts, my mistake.
"reject_unlisted_recipient" should be placed before
"reject_unverified_recipient", that's what I missed ...

3 is lower than 6, 
3 is lower than 6,
3 is lower than 6, 
3 is lower than 6,
3 is lower than 6, 
3 is lower than 6,
...

Thank you all !!

Antony



-Message d'origine-
De : mouss [mailto:mo...@ml.netoyen.net] 
Envoyé : dimanche 4 janvier 2009 12:06
À : anto_neohap...@abruti.org
Cc : postfix-users@postfix.org
Objet : Re: Postix relay gateway - "Recipient address rejected" notification
verbosity ...

Antony a écrit :
> Happy new year to all of you ! ;o)
> 

Bonne année!

>  [snip]
> 
> smtpd_recipient_restrictions =
> 
> reject_invalid_hostname,
> 
> reject_non_fqdn_helo_hostname,
> 
> reject_non_fqdn_hostname,
> 

this is the same as reject_non_fqdn_helo_hostname



> reject_non_fqdn_sender,
> 
> reject_non_fqdn_recipient,
> 
> reject_unknown_sender_domain,
> 
> reject_unknown_recipient_domain,
> 



put reject_unlisted_recipient here.


> reject_unverified_recipient,
> 
> reject_invalid_helo_hostname,

this is the same as reject_invalid_hostname above.

> reject_unlisted_recipient,
see above.

> 
> check_recipient_maps,

what's this?

> 
> reject_unlisted_sender,
> 
> permit_mynetworks,
> 
> permit_sasl_authenticated,
> 
> reject_unauth_destination,
> 
> reject_rbl_client bl.spamcop.net,
> 
> reject_rbl_client list.dsbl.org,

dsbl is dead.

> 
> reject_rbl_client zen.spamhaus.org,
> 
> reject_rbl_client cbl.abuseat.org,

cbl is included in zen, so remove it.

> 
> check_policy_service inet:127.0.0.1:6,
> 



!DSPAM:49609839321161513917610!

How to relay AND store all emails on a gateway ?

[Antony]

I slept some hours, my mind is relaxed and less confused than those
last days, let's go ! ;o)

Thanks to Wietse and mouss, my gateway is now fully functional, and relays
emails to my server :
   Internet --> mx1.mydomain.com[my gateway with postfix] -->
mx2.mydomain.com (only MX1 acts as a DNS MX for all emails sent to
mydomain.com)
First goal is achieved.

Next step (in a few month) will be to migrate our mx2 email server from
Lotus Notes to mx1, which will be in a few month our final email sever.

Then I'm searching for the right solution not only to forward emails to mx2,
but to store all of them (dovecot) on mx1 in Maildir format.
Actually, I did not find any answer on the subject. Either emails are
relayed, either they are stored ...
Is it possible, and what is the nicest native solution according to such a
configuration please ?

Regards,
Antony

-
#cat main.cf |grep -v "#"
invalid_hostname_reject_code = 550
multi_recipient_bounce_reject_code = 550
non_fqdn_reject_code = 550
unknown_sender_reject_code = 550
unknown_virtual_alias_reject_code = 550
unknown_virtual_mailbox_reject_code = 550
unverified_recipient_reject_code = 550
show_user_unknown_table_name = no
smtpd_banner = Mailbox Machine
biff = no
disable_vrfy_command = yes
smtpd_helo_required = yes
append_dot_mydomain = no
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
mydestination =
local_recipient_maps =
local_transport = error:local mail delivery is disabled
myorigin = mydomain.com
mynetworks = 127.0.0.0/8
parent_domain_matches_subdomains = debug_peer_list, smtpd_access_maps
relay_recipient_maps = hash:/etc/postfix/relay_recipients
relay_domains = mydomain.com
transport_maps = hash:/etc/postfix/transport
show_user_unknown_table_name = no
virtual_alias_maps = hash:/etc/postfix/virtual
smtpd_client_restrictions =
smtpd_helo_restrictions =
smtpd_sender_restrictions =
smtpd_recipient_restrictions =
reject_invalid_hostname,
reject_non_fqdn_helo_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unlisted_recipient,
reject_unverified_recipient,
reject_unlisted_sender,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_rbl_client bl.spamcop.net,
reject_rbl_client zen.spamhaus.org,
check_policy_service inet:127.0.0.1:6,
permit
smtpd_data_restrictions =
reject_unauth_pipelining,
permit
smtpd_end_of_data_restrictions =


# cat virtual
postmaster  ad...@mydomain.com
abuse   ad...@mydomain.com
rootad...@mydomain.com


cat relay_recipients
to...@mydomain.com  xx


# cat transport
mydomain.com smtp:[mx2.mydomain.com]


#cat master.cf |grep local
#local unix  -   n   n   -   -   local

Relaying/forwarding query

[Nigel Gilbert]

I have Postfix running on dusty.soc.surrey.ac.uk.  I would like mail from
the internet addressed to unknown local users on this server (e.g. to
x...@soc.surrey.ac.uk) to be re-addressed and forwarded to the mail server at
surrey.ac.uk, for example, mail to x...@soc.surrey.ac.uk should be
re-addressed as though it had been originally sent to x...@surrey.ac.uk and
forwarded on to surrey.ac.uk for delivery.

Is this possible, and if so, how?


Many thanks

Nigel Gilbert



sh-3.2# postconf -c . -n
alias_database = hash:/usr/local/cutedge/postfix/etc/aliases
alias_maps = hash:/usr/local/cutedge/postfix/etc/aliases
biff = no
command_directory = /usr/sbin
config_directory = .
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
mail_owner = _postfix
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
message_size_limit = 0
mydomain_fallback = localhost
newaliases_path = /usr/bin/newaliases
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = _postdrop
smtpd_sender_restrictions = check_sender_access
hash:/usr/local/cutedge/postfix/etc/access
unknown_local_recipient_reject_code = 550


Professor Nigel Gilbert, ScD, FREng, AcSS, Professor of Sociology,
University of Surrey, Guildford GU2 7XH, UK. +44 (0)1483 689173

Re: syslog convert to lowercase

[Victor Duchovni]

On Sun, Jan 04, 2009 at 08:33:12PM +0530, Ramprasad wrote:

> My logfiles are approx 1.5 GB each, if we rotate twice a day
> grep sender.*recipient $logfile is really much much  faster than  grep
> -i sender.*recipient $logfile
> IMHO grep would  not count as lousy code ( on linux )

Use "egrep -i", and make sure you have "LANG=C" in the environment (or
equivalent). Doing case-insensitive Unicode matches is likely much more
painful than ASCII matches.

-- 
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:


If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

RE: Postix relay gateway - "Recipient address rejected" notification verbosity ...

[PauAmma]

On Sun, 4 Jan 2009, Antony wrote:


My version is an etch 2.3.8.
Even if I'm french, I think my version number is in the scope ;o)


Even in France, I think 6 is greater than 3...


Here are the postfix log I omit to give you :

Jan  3 22:53:03 mx1 postfix/smtpd[16104]: connect from
postfix2-g20.free.fr[212.27.60.43]
Jan  3 22:53:03 mx1 postfix/cleanup[16114]: ED3552DE159:
message-id=<20090103215303.ed3552de...@mx1.mydomain.com>
Jan  3 22:53:03 mx1 postfix/qmgr[16093]: ED3552DE159:
from=, size=289, nrcpt=1 (queue active)
Jan  3 22:53:04 mx1 postfix/smtp[16115]: ED3552DE159:
to=, relay=mx2.mydomain.com[xx.xx.xx.xx]:25, delay=0.5,
delays=0.01/0.02/0.08/0.39, dsn=5.1.1, status=undeliverable (host
mx2.mydomain.com[xx.xx.xx.xx] said: 550 5.1.1 :
Recipient address rejected: User unknown in local recipient table (in reply
to RCPT TO command))
Jan  3 22:53:04 mx1 postfix/qmgr[16093]: ED3552DE159: removed
Jan  3 22:53:06 mx1 postfix/smtpd[16104]: NOQUEUE: reject: RCPT from
postfix2-g20.free.fr[212.27.60.43]: 550 5.1.1 :
Recipient address rejected: undeliverable address: host
mx2.mydomain.com[xx.xx.xx.xx] said: 550 5.1.1 :
Recipient address rejected: User unknown in local recipient table (in reply
to RCPT TO command); from= to=
proto=ESMTP helo=
Jan  3 22:53:07 mx1 postfix/smtpd[16104]: disconnect from
postfix2-g20.free.fr[212.27.60.43]

Regards,
Antony

-Message d'origine-
De : Wietse Venema [mailto:wie...@porcupine.org]
Envoyé : dimanche 4 janvier 2009 00:55
À : anto_neohap...@abruti.org
Cc : 'Postfix users'
Objet : Re: Postix relay gateway - "Recipient address rejected" notification
verbosity ...

Antony:

I have tried to add :
unverified_recipient_reject_reason = Unknown user !

but no way, the error message is the same ...


v
Postfix 2.6 and later allow you to override the SMTP server
^
response with the unverified_recipient_reject_reason parameter.



Antony

-Message d'origine-
De?: owner-postfix-us...@postfix.org
[mailto:owner-postfix-us...@postfix.org] De la part de Wietse Venema
Envoy??: dimanche 4 janvier 2009 00:36
??: Postfix users
Objet?: Re: Postix relay gateway - "Recipient address rejected"

notification

verbosity ...

Postfix 2.6 and later allow you to override the SMTP server
response with the unverified_recipient_reject_reason parameter.

See http://www.postfix.org/ADDRESS_VERIFICATION_README.html

Wietse



!DSPAM:495ffaff74371607148689!

Change message error

[Michael JOLY]

Hello,

Can we change or personalize the message sent automatically by postfix such
as the "mail delivery system" message

Thanks a lot.

Mick

Re: Header/body checks question, problem.

[mouss]

KLaM Postmaster a écrit :
> I am having a problem with some legitimate emails being rejected by
> header and/or body checks. Both the header and body checks are from
> Jeffrey Posluns' write up,without any mods.
> Among the stuff being rejected is the output of pflogsumm, I run a daily
> a report and email it to postmaster. I was not getting the reports so I
> checked the maillog and found that these messages, among others, were
> being rejected with "Your email is not using a proper character set.
> ...". 


if header/body checks reject legitimate mail, then something is wrong.

> In the case of pflogsumm, and some of the other automatic email, I
> really don't have much say in its internal format.
> 
> 1) As I try to control spam by using amavisd, spamassassin, clamv,
> postgrey and so far seem doing OK (touch wood), are header and/or body
> check worthwhile as an anti-spam measures. Could they be dropped.
> 

header and body checks can be used to reject some spam (forged received
headers, "banned" attachment types, ...), but not as a general content
filter.

> 2) If they are worthwhile, is there a way of not applying them to all 
> mail except that destined for postmaster.

you can't. but they can be skipped for mail submitted via the sendmail
command. for that, define a specific cleanup and use it in pickup (in
master.cf).

but this is not a good idea. The fact that these checks are catching
your legitimate mail is an indication that they could reject legitimate
mail from others and to other users.

> If I understood the
> documentation it would seem that  these checks are applied by "cleanup"
> after the other checks have been completed and are not susceptible to
> access checks. If this is the case, is there some other way of making
> them conditional on recipient, something like an access list to these
> checks.
> 
> =
> 
> As I administer a very small number of virtual users I put the attached
> script together to help me. Any thoughts, ways of doing the same thing
> only better etc.
> 
> TIA
> JLA
> 
> 

Re: syslog convert to lowercase

[Ramprasad]

Terry Carmen wrote:

Henrik K wrote:

On Sat, Jan 03, 2009 at 04:51:04PM +0530, ram wrote:
 

Can all the logs be made in lowercase only atleast the sender and the
recipient emailids

Since we have huge logs, searching for something in the logs is quite
expensive. And doing it case insensitive really sucks the resources
If postfix could log everything in lowercase then that would help a 
lot 


Pretty funny stuff as my egrep chews happily 140MB/s, whether it's case
insensitive or not.. you must use really lousy code.
  


I was going to mention that. Case sensitivity is generally implemented 
in low level code in whatever string library is used. If you can tell 
the difference, someone did a horrible job.


Terry


My logfiles are approx 1.5 GB each, if we rotate twice a day
grep sender.*recipient $logfile is really much much  faster than  grep
-i sender.*recipient $logfile
IMHO grep would  not count as lousy code ( on linux )

Thanks
Ram

Re: Change message error

[Sahil Tandon]

Michael JOLY wrote:

> Can we change or personalize the message sent automatically by postfix such
> as the "mail delivery system" message

http://www.postfix.org/bounce.5.html
http://www.postfix.org/postconf.5.html#bounce_template_file

-- 
Sahil Tandon 

Re: localhost and smarthost

[mouss]

Asif Iqbal a écrit :
> Hi All
> 
> All my email gets relayed thru gmail as it should. But how do I tell
> it to send all localemails to local spool and not send it to gmail?
> 

what kind of "localemails"? if these use a local domain, add the domain
to mydestination. if they use an external domain, use
virtual_alias_maps. for example:

vad...@gmail.comiq...@localhost


> My laptop does not have any valid domain
> 

You could get a free one at dyndns.

> My postfix configured like this
> 
> iqb...@ghar-iqbala:~$ postconf -n
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> append_dot_mydomain = no
> biff = no
> config_directory = /etc/postfix
> inet_interfaces = all
> mailbox_size_limit = 0
> mydestination = ghar, ghar-iqbala, localhost.localdomain, localhost
> myhostname = ghar-iqbala

myhostname should be fqdn.

> mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128
> readme_directory = no
> recipient_delimiter = +
> relayhost = [smtp.gmail.com]:submission
> smtp_sasl_auth_enable = yes
> smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd
> smtp_sasl_security_options = noanonymous
> smtp_sasl_type = cyrus
> smtp_tls_security_level = encrypt
> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
> smtp_use_tls = yes
> smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
> smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
> smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
> smtpd_use_tls = yes
> 
> 
> 

Problem with notification message

[Michael JOLY]

Hello, i have a problem with notification when i sent a mail. I receive an
error message but the mail is correctly sent and receive. It's a problem
with the virtual address in my posfix.

This is the error :


This is the mail system at host x



I'm sorry to have to inform you that your message could not be delivered to
one or more recipients. It's attached below.



For further assistance, please send mail to postmaster.



If you do so, please include this problem report. You can delete your own
text from the attached returned message.



   The mail system



 (expanded from x...@xxx.fr ):

data

format error. Command output: : Mailbox does not exist : Mailbox does
not

exist : Mailbox does not exist : Mailbox does not exist : Mailbox does
not

exist



 (expanded from >):

data

format error. Command output: : Mailbox does not exist : Mailbox does
not

exist : Mailbox does not exist : Mailbox does not exist : Mailbox does
not

exist



Thanks



Mick

Re: Relaying/forwarding query

[Sahil Tandon]

Nigel Gilbert wrote:

> I have Postfix running on dusty.soc.surrey.ac.uk.  I would like mail from
> the internet addressed to unknown local users on this server (e.g. to
> x...@soc.surrey.ac.uk) to be re-addressed and forwarded 

Before continuing, please clarify: are the unknown local users known
relay recipients?  Or are you trying to devise some sort of 'catch-all'
that forwards *all* mail to unknown users (local or otherwise) to this
other mail server?  The latter is a bad idea.

[...]

-- 
Sahil Tandon 

Re: Compile error Slackware 12.2 postfix 2.5.6 smtp_reuse.c

[Wietse Venema]

This is the result of a cut-and-paste error. I have re-issued the releases.

Wietse

Re: Problem with notification message

[Sahil Tandon]

Michael JOLY wrote:

> Hello, i have a problem with notification when i sent a mail. I receive an
> error message but the mail is correctly sent and receive. It's a problem
> with the virtual address in my posfix.

How did you diagnose the problem to your virtual address?

> This is the error :
> 
> This is the mail system at host x

Is your system x?  If so, then your system is simply
informing you that the message bounced according to what the receiving
MTA told Postfix.  If you want more help, show some related logs and the
output of 'postconf -n'.  Also see:
http://www.postfix.org/DEBUG_README.html#mail

-- 
Sahil Tandon 

Re: Allowing return email

[Ralf Hildebrandt]

* mouss :
> Ralf Hildebrandt a écrit :
> > * postfix@cmulcahy.com :
> >> Greetings:
> >>
> >> I'm running several spam-filtering tools including Postgrey,  
> >> SpamAssassin, etc.  I would like to make replying to mail I have sent  
> >> easier. 
> >>
> >> How can I automatically white-list addresses to whom I have sent email? 
> > 
> > SpamAssassin has "PenPals" for exactly that
> > 
> 
> you mean amavisd-new?

Ah, yes, I suck. I expect everybody to use amavisd-new to integrate SA
:)

-- 
Ralf Hildebrandt (ralf.hildebra...@charite.de)  snick...@charite.de
Postfix - Einrichtung, Betrieb und Wartung   Tel. +49 (0)30-450 570-155
http://www.arschkrebs.de
"The POP3 server service depends on the SMTP server service, which
failed to start because of the following error: The operation
completed successfully." (Windows NT Server v3.51) 

Re: Allowing return email

[Ralf Hildebrandt]

* postfix@cmulcahy.com :
> Greetings:
>
> I'm running several spam-filtering tools including Postgrey,  
> SpamAssassin, etc.  I would like to make replying to mail I have sent  
> easier. 
>
> How can I automatically white-list addresses to whom I have sent email? 

SpamAssassin has "PenPals" for exactly that

-- 
Ralf Hildebrandt (ralf.hildebra...@charite.de)  snick...@charite.de
Postfix - Einrichtung, Betrieb und Wartung   Tel. +49 (0)30-450 570-155
http://www.arschkrebs.de
Having an email problem is painful, but character-building.

Re: localhost and smarthost

[mouss]

Asif Iqbal a écrit :
> On Sun, Jan 4, 2009 at 6:11 AM, mouss  wrote:
>> Asif Iqbal a écrit :
>>> Hi All
>>>
>>> All my email gets relayed thru gmail as it should. But how do I tell
>>> it to send all localemails to local spool and not send it to gmail?
> 
> I see qmgr sends the mail to smtp and local like in this flowchart
> 
> http://www.postfix.org/OVERVIEW.html#delivering
> 
> How do I tell qmgr which one should be delivered to local and which one to 
> smtp?
> 

maybe by reading what I said? or should I repeat? if so, let's go:

- what do you mean by "localemails"? which mail do you want to deliver
locally?

- if it's for specific addresses, use virtual_alias_maps as I already said.

Re: Relaying/forwarding query

[Nigel Gilbert]

On 04/01/2009 19:33, "Sahil Tandon"  wrote:

> Nigel Gilbert wrote:
> 
>> I have Postfix running on dusty.soc.surrey.ac.uk.  I would like mail from
>> the internet addressed to unknown local users on this server (e.g. to
>> x...@soc.surrey.ac.uk) to be re-addressed and forwarded
> 
> Before continuing, please clarify: are the unknown local users known
> relay recipients?  Or are you trying to devise some sort of 'catch-all'
> that forwards *all* mail to unknown users (local or otherwise) to this
> other mail server?  The latter is a bad idea.
> 
> [...]

The latter, but although it may in general be a bad idea, (1) the other
server (surrey.ac.uk) is well set up for catching and dealing with spam etc.
(e.g. all mail sent to it is processed through messagelabs span filtering),
and (2) there is no easily accessible list of users that are known on
surrey.ac.uk, but unknown to soc.surrey.ac.uk.

Nigel



Professor Nigel Gilbert, ScD, FREng, AcSS, Professor of Sociology,
University of Surrey, Guildford GU2 7XH, UK. +44 (0)1483 689173

Re: Problem with notification message

[Michael JOLY]

yes my system is .

This is the mail system at host x
in the example after, z...@z.fr is the virtual address  and
yyy...@localhost is the local account.
 (expanded from z...@z.fr):
data
format error. Command output: : Mailbox does not exist : Mailbox does
not
exist : Mailbox does not exist : Mailbox does not exist : Mailbox does
not
exist

i can't give you my conf because i have no access to the server before
tomorrow



2009/1/4 Sahil Tandon 

> Michael JOLY wrote:
>
> > Hello, i have a problem with notification when i sent a mail. I receive
> an
> > error message but the mail is correctly sent and receive. It's a problem
> > with the virtual address in my posfix.
>
> How did you diagnose the problem to your virtual address?
>
> > This is the error :
> >
> > This is the mail system at host x
>
> Is your system x?  If so, then your system is simply
> informing you that the message bounced according to what the receiving
> MTA told Postfix.  If you want more help, show some related logs and the
> output of 'postconf -n'.  Also see:
> http://www.postfix.org/DEBUG_README.html#mail
>
> --
> Sahil Tandon 
>

Compile error Slackware 12.2 postfix 2.5.6 smtp_reuse.c

[memmas]

Hi..
I'm using slackware 12.2 and I get the following error when trying to 
compile postfix-2.5.6


gcc -Wmissing-prototypes -Wformat -DUSE_TLS -DUSE_SASL_AUTH 
-DUSE_CYRUS_SASL -I/usr/include/sasl -DUSE_SSL -I/usr/include/openssl 
-DHAS_LDAP -I/usr/include -DHAS_MYSQL -I/usr/include/mysql -DHAS_PCRE  
-g -O -I. -I../../include -DLINUX2 -c smtp_reuse.c

smtp_reuse.c: In function 'smtp_reuse_common':
smtp_reuse.c:219: error: 'stream' undeclared (first use in this function)
smtp_reuse.c:219: error: (Each undeclared identifier is reported only once
smtp_reuse.c:219: error: for each function it appears in.)
make: *** [smtp_reuse.o] Error 1
make: *** [update] Error 1

Re: How to relay AND store all emails on a gateway ?

[mouss]

Antony a écrit :
> I slept some hours, my mind is relaxed and less confused than those
> last days, let's go ! ;o)
> 
> Thanks to Wietse and mouss, my gateway is now fully functional, and relays
> emails to my server :
>Internet --> mx1.mydomain.com[my gateway with postfix] -->
> mx2.mydomain.com (only MX1 acts as a DNS MX for all emails sent to
> mydomain.com)
> First goal is achieved.
> 
> Next step (in a few month) will be to migrate our mx2 email server from
> Lotus Notes to mx1, which will be in a few month our final email sever.
> 
> Then I'm searching for the right solution not only to forward emails to mx2,
> but to store all of them (dovecot) on mx1 in Maildir format.
> Actually, I did not find any answer on the subject. Either emails are
> relayed, either they are stored ...
> Is it possible, and what is the nicest native solution according to such a
> configuration please ?
> 

you need to "duplicate" mail.


recipient_bcc_maps = pcre:/etc/postfix/recipient_bcc.pcre

== recipient_bcc.pcre
/^(.*)@example\.com$/   $...@dovecot.example.com


an alternative is virtual_alias_maps but you must not break recipient
validation with wildcard enrties.


> -
> #cat main.cf |grep -v "#"


1. some variables may contain a '#'. so your grep -v is not "adequate".
but this is not important...

2. you don't need to wake up the cat. most unix commands accept files:
grep -v "^#" main.cf

3. but more importantly, we rarely read main.cf snippets. you should
send the output of 'postconf -n' instead.

Re: Relaying/forwarding query

[mouss]

Nigel Gilbert a écrit :
> 
> 
> On 04/01/2009 19:33, "Sahil Tandon"  wrote:
> 
>> Nigel Gilbert wrote:
>>
>>> I have Postfix running on dusty.soc.surrey.ac.uk.  I would like mail from
>>> the internet addressed to unknown local users on this server (e.g. to
>>> x...@soc.surrey.ac.uk) to be re-addressed and forwarded
>> Before continuing, please clarify: are the unknown local users known
>> relay recipients?  Or are you trying to devise some sort of 'catch-all'
>> that forwards *all* mail to unknown users (local or otherwise) to this
>> other mail server?  The latter is a bad idea.
>>
>> [...]
> 
> The latter, but although it may in general be a bad idea, (1) the other
> server (surrey.ac.uk) is well set up for catching and dealing with spam etc.
> (e.g. all mail sent to it is processed through messagelabs span filtering),
> and (2) there is no easily accessible list of users that are known on
> surrey.ac.uk, but unknown to soc.surrey.ac.uk.
> 

the question is whether some users may be rejected by the second server.
if so, they must also be rejected by the first one.

if this is ok, then simply declare the domain as a relay domain and use
virtual_alias_maps to deliver some users locally.

Evaluation of maps in local or virtual address classes

[Patrick Ben Koetter]

Maps in $relay_recipient_maps are evaluated as lists - only the LHS is
examined to determine if a recipient is listed and therefore a valid
recipient.

Does the same apply for local_recipient_maps, virtual_alias_maps and
virtual_mailbox_maps when Postfix tries to determine if a given recipient is
a valid recipient?

I'm asking because I am trying to figure out what I need to do to accept
messages for local/virtual mumble domains and have them sent off to a LMTP
server afterwards.

Sending them off to a LMTP server is a transport map job:

recipi...@example.com   lmtp:localhost

But what do I do to tell Postfix recipi...@example.com is a valid recipient?

Can I reuse my transport map and add it to local_recipient_maps,
virtual_alias_maps or virtual_mailbox_maps as required?

p...@rick

-- 
The Book of Postfix

saslfinger (debugging SMTP AUTH):

Re: Relaying/forwarding query

[Nigel Gilbert]

On 04/01/2009 20:11, "mouss"  wrote:

> Nigel Gilbert a écrit :
>> 
>> 
>> On 04/01/2009 19:33, "Sahil Tandon"  wrote:
>> 
>>> Nigel Gilbert wrote:
>>> 
 I have Postfix running on dusty.soc.surrey.ac.uk.  I would like mail from
 the internet addressed to unknown local users on this server (e.g. to
 x...@soc.surrey.ac.uk) to be re-addressed and forwarded
>>> Before continuing, please clarify: are the unknown local users known
>>> relay recipients?  Or are you trying to devise some sort of 'catch-all'
>>> that forwards *all* mail to unknown users (local or otherwise) to this
>>> other mail server?  The latter is a bad idea.
>>> 
>>> [...]
>> 
>> The latter, but although it may in general be a bad idea, (1) the other
>> server (surrey.ac.uk) is well set up for catching and dealing with spam etc.
>> (e.g. all mail sent to it is processed through messagelabs span filtering),
>> and (2) there is no easily accessible list of users that are known on
>> surrey.ac.uk, but unknown to soc.surrey.ac.uk.
>> 
> 
> the question is whether some users may be rejected by the second server.
> if so, they must also be rejected by the first one.
> 
> if this is ok, then simply declare the domain as a relay domain and use
> virtual_alias_maps to deliver some users locally.

May I ask for one more level of detail about how to do this?  I am new to
postfix.

" simply declare the domain as a relay domain"

I add 
relay_domains = surrey.ac.uk
to main.cf.  Correct?

"use virtual_alias_maps to deliver some users locally"

I add 
virtual_alias_maps = hash:/etc/postfix/virtual
to main.cf

In the file hash:/etc/postfix/virtual I put:

known.local.us...@soc.surrey.ac.uk known.local.user
Etc.

And then run postmap /etc/postfix/virtual
 
Is that right?

When the mail for an unknown user is relayed to surrey.ac.uk, will it appear
to be addressed to unknown.u...@surrey.ac.uk (although originally sent to
unknown.u...@soc.surrey.ac.uk)?  It needs to be, because otherwise
surrey.ac.uk will just send it back to soc.surrey.ac.uk!

Thank you for your help and advice,

Nigel




Professor Nigel Gilbert, ScD, FREng, AcSS, Professor of Sociology,
University of Surrey, Guildford GU2 7XH, UK. +44 (0)1483 689173

RE: How to relay AND store all emails on a gateway ?

[Antony]

Indeed it should work. But, I was not clear, my mistaken. 
I do not wish to use dovecot as a mail server, but only as an alternative
LDA for Postfix (+ for SMTP SASL purposes).
Possible ?

And if not, are virtual_alias_maps or recipient_bcc_maps forward via smtp
the solution ? It seems for me a "heavy" solution for what I have to do.
Isn't there a "local delivery way" to proceed ?

Regards,
Antony

-Message d'origine-
De : mouss [mailto:mo...@ml.netoyen.net] 
Envoyé : dimanche 4 janvier 2009 21:09
À : anto_neohap...@abruti.org
Cc : postfix-users@postfix.org
Objet : Re: How to relay AND store all emails on a gateway ?

Antony a écrit :
> I slept some hours, my mind is relaxed and less confused than those
> last days, let's go ! ;o)
> 
> Thanks to Wietse and mouss, my gateway is now fully functional, and relays
> emails to my server :
>Internet --> mx1.mydomain.com[my gateway with postfix] -->
> mx2.mydomain.com (only MX1 acts as a DNS MX for all emails sent to
> mydomain.com)
> First goal is achieved.
> 
> Next step (in a few month) will be to migrate our mx2 email server from
> Lotus Notes to mx1, which will be in a few month our final email sever.
> 
> Then I'm searching for the right solution not only to forward emails to
mx2,
> but to store all of them (dovecot) on mx1 in Maildir format.
> Actually, I did not find any answer on the subject. Either emails are
> relayed, either they are stored ...
> Is it possible, and what is the nicest native solution according to such a
> configuration please ?
> 

you need to "duplicate" mail.


recipient_bcc_maps = pcre:/etc/postfix/recipient_bcc.pcre

== recipient_bcc.pcre
/^(.*)@example\.com$/   $...@dovecot.example.com


an alternative is virtual_alias_maps but you must not break recipient
validation with wildcard enrties.


> -
> #cat main.cf |grep -v "#"


1. some variables may contain a '#'. so your grep -v is not "adequate".
but this is not important...

2. you don't need to wake up the cat. most unix commands accept files:
grep -v "^#" main.cf

3. but more importantly, we rarely read main.cf snippets. you should
send the output of 'postconf -n' instead.



!DSPAM:4961177e95621732817365!

Re: localhost and smarthost

[Asif Iqbal]

On Sun, Jan 4, 2009 at 2:43 PM, mouss  wrote:
> Asif Iqbal a écrit :
>> On Sun, Jan 4, 2009 at 6:11 AM, mouss  wrote:
>>> Asif Iqbal a écrit :
 Hi All

 All my email gets relayed thru gmail as it should. But how do I tell
 it to send all localemails to local spool and not send it to gmail?
>>
>> I see qmgr sends the mail to smtp and local like in this flowchart
>>
>> http://www.postfix.org/OVERVIEW.html#delivering
>>
>> How do I tell qmgr which one should be delivered to local and which one to 
>> smtp?
>>
>
> maybe by reading what I said? or should I repeat? if so, let's go:

ok have a chill pill while I answer your question

>
> - what do you mean by "localemails"? which mail do you want to deliver
> locally?

I meant mails for local domain. My laptop does not really have a valid
domain name.
So any mail to say iqb...@ghar-iqbala.lan or say r...@ghar-iqbala.lan
should go to
local Maildir instead of trying to deliver it thru my relayhost

>
> - if it's for specific addresses, use virtual_alias_maps as I already said.
>

So is that how qmgr decides what should be sent to local and what to
smtp? That was a question I posted earlier in case you have not read
it

>
>



-- 
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu

Re: Problem with notification message

[Noel Jones]

Michael JOLY wrote:

yes my system is .
 
This is the mail system at host x
in the example after, z...@z.fr  is the 
virtual address  and yyy...@localhost  is the 
local account.
mailto:yyy...@localhost>> (expanded from 
z...@z.fr ):

data
format error. Command output: : Mailbox does not exist : Mailbox 
does not
exist : Mailbox does not exist : Mailbox does not exist : Mailbox 
does not

exist
 
i can't give you my conf because i have no access to the server before 
tomorrow




Please don't top post.

You have a configuration error on your server.  Apparently the 
recipient is expanded to several invalid recipients along with 
the valid recipient.  Possibly the command you are using to 
deliver mail is broken.


Further diagnosis requires that you show your "postconf -n" 
output, *and* postfix logging associated with these failed 
deliveries, *and* details of how you deliver your mail.


We'll look forward to hearing from you tomorrow after you have 
access to your server.


--
Noel Jones

Re: Evaluation of maps in local or virtual address classes

[Victor Duchovni]

On Sun, Jan 04, 2009 at 09:31:42PM +0100, Patrick Ben Koetter wrote:

> Maps in $relay_recipient_maps are evaluated as lists - only the LHS is
> examined to determine if a recipient is listed and therefore a valid
> recipient.

Only used in smtpd(8) where no rewriting takes place, just address
validation, so nothing useful can be done with the RHS.

> Does the same apply for local_recipient_maps,

Ditto.

> virtual_alias_maps

Well, in smtpd(8) the RHS is ignored, and the table is used across all
address classes. In cleanup(8), this is used for rewriting of all
recipient addresses and the RHS is clearly not ignored.

> and virtual_mailbox_maps

in smtpd(8) used only for address validation, in virtual(8) used to
select the right mailbox, but there in some cases virtual mailbox
delivery is handled by other delivery agents, and in that case the
table's RHS is not used.

> I'm asking because I am trying to figure out what I need to do to accept
> messages for local/virtual mumble domains and have them sent off to a LMTP
> server afterwards.

Only virtual(5) RHS values will be used.

If you rewrite from an external virtual alias domain to the LMTP server's
internal domain, you don't any tables other than virtual_alias_maps,
and the external domain is typically a virtual alias domain.

If the LMTP delivery domain is the same as the external domain, use
virtual_mailbox_maps with RHS values that are not used by Postfix.


> Sending them off to a LMTP server is a transport map job:
> 
> recipi...@example.com   lmtp:localhost

The correct syntax (if the default port is OK) is:

recipi...@example.com   lmtp:inet:localhost

Why per-recipient transport lookups? Often better to rewrite to a domain
where the entire domain is handled by lmtp(8).

> But what do I do to tell Postfix recipi...@example.com is a valid recipient?

Use virtual_mailbox_maps.

> Can I reuse my transport map and add it to local_recipient_maps,
> virtual_alias_maps or virtual_mailbox_maps as required?

Don't add $transport_maps to virtual_mailbox_maps, but if per-recipient
transport entries are the right solution, use a common table that you
add to both:

lmtp_user_transport_maps = :
transport_maps = ... $lmtp_user_transport_maps
virtual_mailbox_maps = ... $lmtp_user_transport_maps

Provided the same users will never reach virtual(8), the fact that
the RHS is transport-valued rather than mailbox-path-valued is not
a problem.

-- 
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:


If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

Re: localhost and smarthost

[Sahil Tandon]

Asif Iqbal wrote:

> > - what do you mean by "localemails"? which mail do you want to deliver
> > locally?
> 
> I meant mails for local domain. My laptop does not really have a valid
> domain name.
> So any mail to say iqb...@ghar-iqbala.lan or say r...@ghar-iqbala.lan
> should go to
> local Maildir instead of trying to deliver it thru my relayhost

Postfix will not go to gmail (which is your relayhost) to deliver mail
if that mail is addressed to a *local* domain.  You need to include 
'ghar-iqbala.lan' in the mydestination parameter in main.cf.  Mouss
already gave you this clue.

For more information:
http://www.postfix.org/postconf.5.html#mydestination
http://www.postfix.org/STANDARD_CONFIGURATION_README.html
http://www.postfix.org/ADDRESS_CLASS_README.html

-- 
Sahil Tandon 

Re: Evaluation of maps in local or virtual address classes

[Patrick Ben Koetter]

* Victor Duchovni :

...

> > Sending them off to a LMTP server is a transport map job:
> > 
> > recipi...@example.com   lmtp:localhost
> 
> The correct syntax (if the default port is OK) is:
>
> recipi...@example.com   lmtp:inet:localhost


Maybe its just me, but I had not looked for this notation in lmtp(8), but in
transport(8), where I was looking for transport examples. May I suggest an
example of this is added to transport(5)?


> Why per-recipient transport lookups? Often better to rewrite to a domain
> where the entire domain is handled by lmtp(8).

Agreed. In my case I am after a mixed domain - some mails go to typical
mailboxes and some will be sent of to a LMTP server.


> > But what do I do to tell Postfix recipi...@example.com is a valid recipient?
> 
> Use virtual_mailbox_maps.
> 
> > Can I reuse my transport map and add it to local_recipient_maps,
> > virtual_alias_maps or virtual_mailbox_maps as required?
> 
> Don't add $transport_maps to virtual_mailbox_maps, but if per-recipient
> transport entries are the right solution, use a common table that you
> add to both:
> 
>   lmtp_user_transport_maps = :
>   transport_maps = ... $lmtp_user_transport_maps
>   virtual_mailbox_maps = ... $lmtp_user_transport_maps

That's what I had had on my mind. Thanks.


> Provided the same users will never reach virtual(8), the fact that
> the RHS is transport-valued rather than mailbox-path-valued is not
> a problem.

That's exactly what I had hoped to hear.


p...@rick


-- 
The Book of Postfix

saslfinger (debugging SMTP AUTH):

Different Postfix master.cf entry depending on outgoing domain.

[Adam]

What I'd like to do :

Append different altermime disclaimers depending on outbound domain.


What I have :

I've setup a 'middle-man' box which is only going to run postfix and
altermime.  It will then fwd via relayhost to my outbound servers
(also postfix).


I understand that amavisd-new has begun adding this capability, but
until it is finalized I didn't want to 'bank on it'.

Is there a way I can have mail sent through different "smtpd's"
depending on the outgoing domain?  If so I could throw a different
disclaimer depending.


(I understand the argument against this crap, I only have so much input...)


My postfix config is very vanilla (distro provided, Mandriva 2009),
but I can post my master.cf (and postconf -n) if necessary.


Thank you.
ADAM

Re: localhost and smarthost

[Asif Iqbal]

On Sun, Jan 4, 2009 at 6:35 PM, Sahil Tandon  wrote:
> Asif Iqbal wrote:
>
>> > - what do you mean by "localemails"? which mail do you want to deliver
>> > locally?
>>
>> I meant mails for local domain. My laptop does not really have a valid
>> domain name.
>> So any mail to say iqb...@ghar-iqbala.lan or say r...@ghar-iqbala.lan
>> should go to
>> local Maildir instead of trying to deliver it thru my relayhost
>
> Postfix will not go to gmail (which is your relayhost) to deliver mail
> if that mail is addressed to a *local* domain.  You need to include
> 'ghar-iqbala.lan' in the mydestination parameter in main.cf.  Mouss

uh huh! that was it. If the domain name is defined in `mydestination'
it is considered local
mail. That is exactly what I was looking for. Thanks a lot!

> already gave you this clue.
>
> For more information:
> http://www.postfix.org/postconf.5.html#mydestination
> http://www.postfix.org/STANDARD_CONFIGURATION_README.html
> http://www.postfix.org/ADDRESS_CLASS_README.html
>
> --
> Sahil Tandon 
>



-- 
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu

Re: Different Postfix master.cf entry depending on outgoing domain.

[Sahil Tandon]

Adam wrote:

> Is there a way I can have mail sent through different "smtpd's"
> depending on the outgoing domain?  If so I could throw a different
> disclaimer depending.

http://www.postfix.org/transport.5.html

-- 
Sahil Tandon 

Re: Evaluation of maps in local or virtual address classes

[Victor Duchovni]

On Mon, Jan 05, 2009 at 12:42:10AM +0100, Patrick Ben Koetter wrote:

> * Victor Duchovni :
> 
> ...
> 
> > > Sending them off to a LMTP server is a transport map job:
> > > 
> > > recipi...@example.com   lmtp:localhost
> > 
> > The correct syntax (if the default port is OK) is:
> >
> > recipi...@example.com   lmtp:inet:localhost
> 
> 
> Maybe its just me, but I had not looked for this notation in lmtp(8), but in
> transport(8), where I was looking for transport examples. May I suggest an
> example of this is added to transport(5)?

No, the syntax of the nextop is transport dependent, each delivery agent
documents the nexthop syntax it supports. The right place to find LMTP
nexthop syntax is in the lmtp(8) manpage.

> > Why per-recipient transport lookups? Often better to rewrite to a domain
> > where the entire domain is handled by lmtp(8).
> 
> Agreed. In my case I am after a mixed domain - some mails go to typical
> mailboxes and some will be sent of to a LMTP server.

What is the address class of the "typical" mailboxes? If this is "local",
you need to extend local_recipient_maps, not virtual_mailbox_maps.

> > Use virtual_mailbox_maps.
> > 
> > > Can I reuse my transport map and add it to local_recipient_maps,
> > > virtual_alias_maps or virtual_mailbox_maps as required?
> > 
> > Don't add $transport_maps to virtual_mailbox_maps, but if per-recipient
> > transport entries are the right solution, use a common table that you
> > add to both:
> > 
> > lmtp_user_transport_maps = :
> > transport_maps = ... $lmtp_user_transport_maps
> > virtual_mailbox_maps = ... $lmtp_user_transport_maps
> 
> That's what I had had on my mind. Thanks.

Provided the other mailboxes are also virtual.

-- 
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:


If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

Postfix stable release 2.5.6, 2.4.10 and 2.3.16 available

[Wietse Venema]

Postfix stable releases 2.5.6, 2.4.10 and 2.3.16 catch up on fixes
that were applied in the past three months. Postfix versions 2.2
and earlier are no longer updated.
 
- Postfix 2.5: the SMTP server did not ask for a client certificate
with "smtpd_tls_req_ccert = yes". Reported by Rob Foehl.

- Postfix 2.5, 2.4 and 2.3: avoid reduced TCP performance when
reusing an SMTP connection with a larger than 4096-byte TCP MSS
value. In practice, this could happen only with loopback (localhost)
connections.

- Postfix 2.3: the cleanup server did not update the queue file's
recipient count field, after a Milter application added or deleted
a recipient. This resulted in harmless "rcpt count mismatch" warning
messages from the Postfix queue manager. Reported by Matthew Sullivan
(Sorbs). Fix back-ported from Postfix 2.4.

The first version of these releases suffered from a cut-and-paste
error in file smtp_reuse.c. Corrected versions have been issued
in the mean time.

The updated files should show up in the next 12 hours on the mirror
sites listed at http://www.postfix.org/

Wietse

Re: How to relay AND store all emails on a gateway ?

[mouss]

Antony a écrit :
> Indeed it should work. But, I was not clear, my mistaken. 
> I do not wish to use dovecot as a mail server, but only as an alternative
> LDA for Postfix (+ for SMTP SASL purposes).
> Possible ?
> 


hmmm. sorry. I'm not sure to understand...

my understanding was that you wanted mail for f...@example.com to be
devlivered "twice": once to a relay MTA and once to dovecot.


> And if not, are virtual_alias_maps or recipient_bcc_maps forward via smtp
> the solution ? It seems for me a "heavy" solution for what I have to do.
> Isn't there a "local delivery way" to proceed ?
> 

you need to tell us exactly what you want to do with which mail.

abruti, va (je plaisante:)

per recipient transport [Was: Evaluation of maps in local or virtual address classes]

[mouss]

Victor Duchovni a écrit :
> [snip]
> Why per-recipient transport lookups? Often better to rewrite to a domain
> where the entire domain is handled by lmtp(8).
> 

is there a benefit in avoiding per recipient transports? or said
otherwise: is there a way to tell postfix to only lookup domains?


>> But what do I do to tell Postfix recipi...@example.com is a valid recipient?
> 
> Use virtual_mailbox_maps.
> 
>> Can I reuse my transport map and add it to local_recipient_maps,
>> virtual_alias_maps or virtual_mailbox_maps as required?
> 
> Don't add $transport_maps to virtual_mailbox_maps, but if per-recipient
> transport entries are the right solution, use a common table that you
> add to both:
> 
>   lmtp_user_transport_maps = :
>   transport_maps = ... $lmtp_user_transport_maps
>   virtual_mailbox_maps = ... $lmtp_user_transport_maps
> 
> Provided the same users will never reach virtual(8), the fact that
> the RHS is transport-valued rather than mailbox-path-valued is not
> a problem.
> 

Re: Different Postfix master.cf entry depending on outgoing domain.

[mouss]

Adam a écrit :
> What I'd like to do :
> 
> Append different altermime disclaimers depending on outbound domain.
> 
> 
> What I have :
> 
> I've setup a 'middle-man' box which is only going to run postfix and
> altermime.  It will then fwd via relayhost to my outbound servers
> (also postfix).
> 
> 
> I understand that amavisd-new has begun adding this capability, but
> until it is finalized I didn't want to 'bank on it'.
> 
> Is there a way I can have mail sent through different "smtpd's"
> depending on the outgoing domain?

if you mean the recipient domain, then no, unless you want to run
multiple postfix instances.

do whatever you want in the filter.

>  If so I could throw a different
> disclaimer depending.
> 
> 
> (I understand the argument against this crap, I only have so much input...)
> 
> 
> My postfix config is very vanilla (distro provided, Mandriva 2009),
> but I can post my master.cf (and postconf -n) if necessary.
> 
> 
> Thank you.
> ADAM

Re: per recipient transport [Was: Evaluation of maps in local or virtual address classes]

[Victor Duchovni]

On Mon, Jan 05, 2009 at 03:31:52AM +0100, mouss wrote:

> Victor Duchovni a ?crit :
> > [snip]
> > Why per-recipient transport lookups? Often better to rewrite to a domain
> > where the entire domain is handled by lmtp(8).
> > 
> 
> is there a benefit in avoiding per recipient transports?

Simplicity, also reduces temptation to do LDAP or SQL transport lookups,
which are problemactic under load, because qmgr latency cannot be
ammortized via concurrency (there is only one queue manager).

> or said otherwise: is there a way to tell postfix to only lookup domains?

No.

-- 
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:


If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

Re: per recipient transport [Was: Evaluation of maps in local or virtual address classes]

[mouss]

Victor Duchovni a écrit :
> On Mon, Jan 05, 2009 at 03:31:52AM +0100, mouss wrote:
> 
>> Victor Duchovni a ?crit :
>>> [snip]
>>> Why per-recipient transport lookups? Often better to rewrite to a domain
>>> where the entire domain is handled by lmtp(8).
>>>
>> is there a benefit in avoiding per recipient transports?
> 
> Simplicity, also reduces temptation to do LDAP or SQL transport lookups,

unfortunately, this is exactly what I want to do: put everything in *sql
to ease mgmt. of course, it is possible to dump the sql data, but I am
talking about a web UI where I'd prefer the web app no have any
privileges. I guess a cron (to dump data) is the best I can do if I
don't want to write an "update" daemon?

> which are problemactic under load, because qmgr latency cannot be
> ammortized via concurrency (there is only one queue manager).
> 
>> or said otherwise: is there a way to tell postfix to only lookup domains?
> 
> No.
> 

Re: per recipient transport [Was: Evaluation of maps in local or virtual address classes]

[Victor Duchovni]

On Mon, Jan 05, 2009 at 03:49:55AM +0100, mouss wrote:

> Victor Duchovni a ?crit :
> > On Mon, Jan 05, 2009 at 03:31:52AM +0100, mouss wrote:
> > 
> >> Victor Duchovni a ?crit :
> >>> [snip]
> >>> Why per-recipient transport lookups? Often better to rewrite to a domain
> >>> where the entire domain is handled by lmtp(8).
> >>>
> >> is there a benefit in avoiding per recipient transports?
> > 
> > Simplicity, also reduces temptation to do LDAP or SQL transport lookups,
> 
> unfortunately, this is exactly what I want to do: put everything in *sql
> to ease mgmt. of course, it is possible to dump the sql data, but I am
> talking about a web UI where I'd prefer the web app no have any
> privileges. I guess a cron (to dump data) is the best I can do if I
> don't want to write an "update" daemon?

There is nothing wrong with *SQL or LDAP for virtual alias lookups,
these happen in parallel in cleanup(8). This is why I encourage per-user
routing via rewriting (legacy Sendmail-style) with coarse routing via
fixed domain mappings in transport(5).

The (ideally small) transport should not use *SQL unless you can ensure
that lookup latency is very low under a wide range of conditions. Just
observe that each recipient address is subject to multiple transport
lookups (various truncated keys), and the queue manager needs to
resolve (via trivial-rewrite) each and every message recipient to
a transport:nexthop.

-- 
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:


If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

Re: per recipient transport [Was: Evaluation of maps in local or virtual address classes]

[Wietse Venema]

mouss:
> Victor Duchovni a ?crit :
> > On Mon, Jan 05, 2009 at 03:31:52AM +0100, mouss wrote:
> > 
> >> Victor Duchovni a ?crit :
> >>> [snip]
> >>> Why per-recipient transport lookups? Often better to rewrite to a domain
> >>> where the entire domain is handled by lmtp(8).
> >>>
> >> is there a benefit in avoiding per recipient transports?
> > 
> > Simplicity, also reduces temptation to do LDAP or SQL transport lookups,
> 
> unfortunately, this is exactly what I want to do: put everything in *sql
> to ease mgmt. of course, it is possible to dump the sql data, but I am
> talking about a web UI where I'd prefer the web app no have any
> privileges. I guess a cron (to dump data) is the best I can do if I
> don't want to write an "update" daemon?

High-latency maps such as LDAP and SQL are OK for smtpd or cleanup
(because these processes run in parallel) but not trivial-rewrite
(because there is only one qmgr).  This applies not only to transport
maps but also to maps that define address classes.

Wietse

Re: reject_rbl_client after check_policy_service

[Rajkumar S]

On Fri, Jan 2, 2009 at 10:37 PM, mouss  wrote:
> Remove the "defer" keyword. Return
>"450 4.7.1 Greylisted Come back after 30 seconds"
> with no "defer" before it.

Thanks, that finally did the trick :)

raj

Maildrop "user unknown. Command output: Invalid user specified"

[tôba]

Hello all,
With postfix and maildrop, I have this issue. Mails cannot be delivered
and in mail.log, I have this:

...relay=maildrop, delay=0.81, delays=0.8/0/0/0.01, dsn=5.1.1,
status=bounced (user unknown. Command output: Invalid user specified. )

I saw at google that this problem happenned already with others but I
could not find the solution.

My OS: Debian Etch

Try to make running: Postfix and Courier with maildrop delivery.

My relative (i think) postfix conf:
virtual_minimum_uid = 6060
virtual_gid_maps = static:6060
virtual_uid_maps = static:6060
virtual_alias_maps =
proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf,
hash:/etc/postfix/virtual virtual_mailbox_domains =
proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps =
proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = maildrop virtual_mailbox_base = /var/vmail/
maildrop_destination_concurrency_limit = 2
maildrop_destination_recipient_limit = 1

Maildrop suid:
tsaida:~# whereis maildrop
maildrop: /usr/bin/maildrop /usr/X11R6/bin/maildrop /usr/bin/X11/maildrop 
/usr/share/maildrop /usr/share/man/man1/maildrop.1.gz
tsaida:~# ls -l /usr/bin/maildrop
-rwxr-sr-x 1 root mail 162132 2006-10-08 18:11 /usr/bin/maildrop
tsaida:~# 

Postfix master.cf
maildrop  unix  -   n   n   -   -   pipe
  flags=uR user=vmail argv=/usr/bin/maildrop -d $recipient -w 90

Originally, (from a howto,) it was like the following but somewhere in a
mailinglist archive, the fellow suggested the above config.

maildrop  unix  -   n   n   -   -   pipe
flags=ODRhu user=vmail:daemon argv=/usr/bin/maildrop -w 90 -d
${us...@${nexthop}  ${extension} ${recipient} ${user} ${nexthop}

Can someone help me?

Best regards,

Tôba.

RE: How to relay AND store all emails on a gateway ?

[Antony Simonneau]

Forget dovecot.
For each incoming email, basically I want both to store it in Maildir format
and relay it via SMTP.

Abruti



-Message d'origine-
De : mouss [mailto:mo...@ml.netoyen.net] 
Envoyé : lundi 5 janvier 2009 03:23
À : anto_neohap...@abruti.org
Cc : postfix-users@postfix.org
Objet : Re: How to relay AND store all emails on a gateway ?

Antony a écrit :
> Indeed it should work. But, I was not clear, my mistaken. 
> I do not wish to use dovecot as a mail server, but only as an alternative
> LDA for Postfix (+ for SMTP SASL purposes).
> Possible ?
> 


hmmm. sorry. I'm not sure to understand...

my understanding was that you wanted mail for f...@example.com to be
devlivered "twice": once to a relay MTA and once to dovecot.


> And if not, are virtual_alias_maps or recipient_bcc_maps forward via smtp
> the solution ? It seems for me a "heavy" solution for what I have to do.
> Isn't there a "local delivery way" to proceed ?
> 

you need to tell us exactly what you want to do with which mail.

abruti, va (je plaisante:)

!DSPAM:49616f1422577444863102!