Re: Postfix "Toaster" - replacing vpopmail

[Charles Sprickman]

On Thu, 16 Jul 2009, Charles Marcus wrote:


On 7/16/2009, Charles Sprickman (sp...@bway.net) wrote:

-Continued use of Courier-IMAP.  Not so much because I like it, but I
don't want POP UUIDs changing or any big changes in IMAP quirks that
suddenly cause users grief.  It seems like Courier+Maildrop is fairly
common though, so I think I'm safe there.


This is the only thing that I would recommend you reconsider.


Gladly!


Dovecot has been pretty much rock-solid for quite some time now (with a
few minor issues here and there that would only potentially affect those
who upgrade immediately following every release), and after the release
of 1.2, it is making huge strides.

It has a very good conversion utility for Courier-Dovecot that does
preserve POP UIDLs:

http://wiki.dovecot.org/Migration/Courier


Thanks very much for that tip.  My only reason for staying with Courier is 
to avoid POP clients re-fetching mail due to UIDL changes.



Of course, dovecot's strongest suit is as an IMAP server, but its POP
capability should be fine too.

The best part though - it is an order of magnitude (or more) faster than
Courier... seriously. It can support far more clients on a single box
than Courier can.


I'm doing fairly well with Courier, but the bulk of our clients are POP. 
I do find that large IMAP copy operations with Courier seem incredibly cpu 
intensive though.



I would strongly urge you to at least do some preliminary testing before
making a final decision...


Will do.

Any other tangential information related to my initial query would be very 
much appreciated.


Thanks,

Charles


Anyway, thats my .02 clad coins worth...

--

Best regards,

Charles

Re: postscreen test

[lst_hoe02]

Zitat von Victor Duchovni :


On Thu, Jul 16, 2009 at 05:21:13PM -0400, Rob Foehl wrote:


Possible substitutes include concierge or valet, or perhaps any of the less
specific guard, sentry, sentinel, ...


I think "sentry" is short, and simple, and can even be thought of as a
contraction of "smtp" and "entry". A bit less corny than "prefix" IMHO
(sorry Patrick, nothing personal).


I too would prefare something you can "easy" search for. The word  
"prefix" would be to broad in use IMHO.


Regards

Andreas

Re: postscreen test

[Victoriano Giralt]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 07/16/09 16:19, Terry Carmen wrote:
>> "prefix"? It fixes things before they become a problem...
>>
> Great name! I like it!
+1

- -- 
Victoriano Giralt
Systems Manager
Central ICT Services
University of Malaga
SPAIN
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Remi - http://enigmail.mozdev.org/

iD8DBQFKYDjYV6+mDjj1PTgRAq3CAJoCIDs2nNzccgdUXjt/A8zd06r92ACeLIEz
vmInQK7KHjWXF3XUfcND6yQ=
=llzT
-END PGP SIGNATURE-

Retrying a content_filter

[Dan B]

[semi-reposting because I'm an idiot who didn't read I need to be a
member of the list to post, and used the Google Groups interface]

Hi there,
I've got Postfix set up quite happily to put all incoming mail through
a filter script described in the first, "simple" section of
FILTER_README. This script does some processing to the email and sends
it back out to its recipient. This script usually runs without
problems, and that's fine, but I've been investigating what happens
when an error occurs. I've set it to return EX_TEMPFAIL to put the
mail in the 'deferred' queue if it does so it can be retried later.
When delivery is retried, though, the mail doesn't go through the
content_filter again, and that is my problem. Mail going through this
server isn't desperately time-sensitive, and it needs to be queued on
the server to be put through processing even if the processing isn't
available for hours. I just want the mail to build up in the queue and
be pushed back through the content_filter when everything is OK again.

I've looked around quite a bit and I can't see anything that helps me
in this: does anyone have any ideas?

Thanks in anticipation!

Re: virtual alias problem

[Guy]

2009/7/15 Brian Evans - Postfix List :
> First, cleanup(8) is responsible for address lookup/rewriting from the
> pickup queue.
> Changing sendmail(1)'s parameters won't do anything.
>
> Second, we need some more concrete examples in order to help.
> Logs, 'postconf -n' and other tips in
> http://www.postfix.org/DEBUG_README.html#mail will help us help you.
> (Replace your domain with example.(com|net|org) if you like)

Perhaps I need to explain the problem I'm having a bit better.

I've included postconf -n from my backend mail server. As you can see
it does not use virtual_alias_maps. This was done purposefully as the
gateways do alias rewriting using virtual_alias_maps. Under normal
circumstances this is perfect as the backend servers generally only
receive mail. But I've got maildrop sending out vacation/out of office
messages from the backend servers. This is fine as long as the
recipient of the vacation/out of office message is not an alias on one
of our local domains.
The backend server will try to deliver locally as expected but
obviously can't recognise the address since it is an alias.

Below is a log of one of the problem emails:
Jul 17 09:41:16 mink postfix/pickup[24014]: EC1F6294655: uid=0
from=
Jul 17 09:41:16 mink postfix/cleanup[21294]: EC1F6294655:
message-id=<20090717084116.ec1f6294...@mink.mydomain.org>
Jul 17 09:41:17 mink postfix/qmgr[10999]: EC1F6294655:
from=, size=338, nrcpt=1 (queue active)
Jul 17 09:41:17 mink postfix/virtual[16922]: EC1F6294655:
to=, relay=virtual, delay=0.16, delays=0.1/0/0/0.06,
dsn=5.1.1, status=bounced (unknown user: "g...@mydomain.net")
Jul 17 09:41:17 mink postfix/cleanup[20951]: 1F030294660:
message-id=<20090717084117.1f030294...@mink.mydomain.org>
Jul 17 09:41:17 mink postfix/qmgr[10999]: 1F030294660: from=<>,
size=2212, nrcpt=1 (queue active)
Jul 17 09:41:17 mink postfix/bounce[16986]: EC1F6294655: sender
non-delivery notification: 1F030294660
Jul 17 09:41:17 mink postfix/qmgr[10999]: EC1F6294655: removed
Jul 17 09:41:17 mink postfix/virtual[16922]: 1F030294660:
to=, relay=virtual, delay=0.19,
delays=0.13/0/0/0.06, dsn=5.1.1, status=bounced (unknown user:
"g...@mydomain.net")
Jul 17 09:41:17 mink postfix/qmgr[10999]: 1F030294660: removed

Are there alterations I can make to my config that would allow
maildrop using "/usr/sbin/sendmail"  to correctly deliver mail to
aliases while my main Postfix config does not include
virtual_alias_maps?
I've tried using the -oA option mentioned in the man page for with no success.

Thanks
Guy


r...@mink:~# postconf -n
2bounce_notice_recipient = postmas...@mydomain.net
address_verify_sender = postmas...@mydomain.net
alias_database = hash:/etc/aliases
anvil_rate_time_unit = 60s
bounce_notice_recipient = postmas...@mydomain.net
bounce_template_file = /etc/postfix/bounce.cf
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
cyrus_sasl_config_path = /etc/postfix/sasl/
daemon_directory = /usr/lib/postfix
debug_peer_level = 1
default_destination_concurrency_limit = 30
delay_notice_recipient = postmas...@mydomain.net
delay_warning_time = 0h
disable_vrfy_command = yes
error_notice_recipient = postmas...@mydomain.net
fallback_transport = virtual
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Maildir/
html_directory = no
inet_interfaces = 10.0.7.180, localhost
local_destination_concurrency_limit = 2
local_recipient_maps =
mail_name = Mail Service
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
message_size_limit = 3124
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = aluminati.net
myhostname = mink.aluminati.org
mynetworks = 127.0.0.0/8, 10.0.7.190, 10.0.7.188, 10.0.16.51, 10.0.16.52
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
notify_classes = software
proxy_interfaces = 10.0.7.180, x.x.x.x
proxy_read_maps = $local_recipient_maps $mydestination
$virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps
$virtual_mailbox_domains $relay_recipient_maps $relay_domains
$canonical_maps $sender_canonical_maps $recipient_canonical_maps
$relocated_maps $transport_maps $mynetworks
$virtual_mailbox_limit_maps
queue_directory = /var/spool/postfix
readme_directory = no
relay_domains = proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_connect_timeout = 30s
smtp_data_done_timeout = 900s
smtp_data_init_timeout = 180s
smtp_data_xfer_timeout = 300s
smtp_helo_timeout = 300s
smtp_mail_timeout = 300s
smtp_quit_timeout = 300s
smtp_rcpt_timeout = 300s
smtp_rset_timeout = 20s
smtpd_banner = $myhostname ESMTP
smtpd_client_connection_rate_limit = 500
smtpd_client_message_rate_limit = 500
smtpd_client_recipient_rate_limit = 0
smtpd_client_restrictions = permit_mynetworks   ,reject_rbl_client
sbl-xbl.spamhaus.org ,permit_sasl_authenticated  ,reject
smtpd_data_restrictions = reject_unauth_pipelining, pe

Re: postscreen test

[Reko Turja]

Another figure from Greek mythology that has lent his hame to even a 
special drinks cabinet: Tantalus


The mail server is there, you can even see it, but when you try to 
reach it it becomes unaccessible.


-Reko 

Re: postscreen test

[Wietse Venema]

Victor Duchovni:
> On Thu, Jul 16, 2009 at 05:21:13PM -0400, Rob Foehl wrote:
> 
> > Possible substitutes include concierge or valet, or perhaps any of the less 
> > specific guard, sentry, sentinel, ...
> 
> I think "sentry" is short, and simple, and can even be thought of as a
> contraction of "smtp" and "entry". A bit less corny than "prefix" IMHO
> (sorry Patrick, nothing personal).

"sentry" is good. 

In a similar class is "triage", which I mention in the postscreen
manpage at http://www.postfix.org/postscreen.8.html

Wietse

Re: postscreen test

[Wietse Venema]

Reko Turja:
> Another figure from Greek mythology that has lent his hame to even a 
> special drinks cabinet: Tantalus
> 
> The mail server is there, you can even see it, but when you try to 
> reach it it becomes unaccessible.

That is almost too good; it could a name for a complete product.

Wietse

Re: postscreen test

[Robert Schetterer]

Wietse Venema schrieb:
> Victor Duchovni:
>> On Thu, Jul 16, 2009 at 05:21:13PM -0400, Rob Foehl wrote:
>>
>>> Possible substitutes include concierge or valet, or perhaps any of the less 
>>> specific guard, sentry, sentinel, ...
>> I think "sentry" is short, and simple, and can even be thought of as a
>> contraction of "smtp" and "entry". A bit less corny than "prefix" IMHO
>> (sorry Patrick, nothing personal).
> 
> "sentry" is good. 
> 
> In a similar class is "triage", which I mention in the postscreen
> manpage at http://www.postfix.org/postscreen.8.html
> 
>   Wietse

sentry is used by lots of other things

http://en.wikipedia.org/wiki/Sentry

-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

Re: postscreen test

[Robert Schetterer]

Reko Turja schrieb:
> Another figure from Greek mythology that has lent his hame to even a
> special drinks cabinet: Tantalus
> 
> The mail server is there, you can even see it, but when you try to reach
> it it becomes unaccessible.
> 
> -Reko

why not orcus *g
http://en.wikipedia.org/wiki/Orcus

-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

Re: postscreen test

[Patrick Ben Koetter]

* Wietse Venema :
> Victor Duchovni:
> > On Thu, Jul 16, 2009 at 05:21:13PM -0400, Rob Foehl wrote:
> > 
> > > Possible substitutes include concierge or valet, or perhaps any of the 
> > > less 
> > > specific guard, sentry, sentinel, ...
> > 
> > I think "sentry" is short, and simple, and can even be thought of as a
> > contraction of "smtp" and "entry". A bit less corny than "prefix" IMHO
> > (sorry Patrick, nothing personal).
> 
> "sentry" is good. 
> 
> In a similar class is "triage", which I mention in the postscreen
> manpage at http://www.postfix.org/postscreen.8.html

Two more names:

  refuse
  drop(down)


I am very much in favor of greek or latin mythology, but I think prefix and
both words above are more in the tradition of describing what the program does
e.g.  pickup, cleanup, tlsmgr etc. which I actually like very much about
Postfix naming convention.

p...@rick



-- 
The Book of Postfix

saslfinger (debugging SMTP AUTH):

Re: postscreen test

[Simon Waters]

Winnow from winnowing.

Re: postscreen test

[José Luis Tallón]

Patrick Ben Koetter wrote:
> * Wietse Venema :
>   
>> Victor Duchovni:
>> 
>>> On Thu, Jul 16, 2009 at 05:21:13PM -0400, Rob Foehl wrote:
>>>
>>>   
 Possible substitutes include concierge or valet, or perhaps any of the 
 less 
 specific guard, sentry, sentinel, ...
 
>>> I think "sentry" is short, and simple, and can even be thought of as a
>>> contraction of "smtp" and "entry". A bit less corny than "prefix" IMHO
>>> (sorry Patrick, nothing personal).
>>>   
>> "sentry" is good. 
>>
>> In a similar class is "triage", which I mention in the postscreen
>> manpage at http://www.postfix.org/postscreen.8.html
>> 
>
> Two more names:
>
>   refuse
>   drop(down)
>
>
> I am very much in favor of greek or latin mythology, but I think prefix and
> both words above are more in the tradition of describing what the program does
> e.g.  pickup, cleanup, tlsmgr etc. which I actually like very much about
> Postfix naming convention.
>   
"screener", then.
Oh, wait ...


but then, there is also "anvil"

J.L.

Re: postscreen test

[Noel Jones]

Ralf Hildebrandt wrote:

* Noel Jones :


corona


Corona, St.George, what's it with the beer names?



Corona - outer atmosphere of a star
I can't help it if someone named a beer that too.  Makes more 
sense for our purpose, I'll give them a call.


I like sentry too.

  -- Noel Jones

Re: postscreen test

[Gaby Vanhegan]

On 17 Jul 2009, at 13:50, Noel Jones wrote:


I like sentry too.



Along that theme: doorman?  bouncer? examiner? customs?  patrol?

G.

--
Expounding the theory of infinite Abelian Badgers
http://playr.co.uk/

Re: Retrying a content_filter

[Noel Jones]

Dan B wrote:

[semi-reposting because I'm an idiot who didn't read I need to be a
member of the list to post, and used the Google Groups interface]

Hi there,
I've got Postfix set up quite happily to put all incoming mail through
a filter script described in the first, "simple" section of
FILTER_README. This script does some processing to the email and sends
it back out to its recipient. This script usually runs without
problems, and that's fine, but I've been investigating what happens
when an error occurs. I've set it to return EX_TEMPFAIL to put the
mail in the 'deferred' queue if it does so it can be retried later.


That's normally how content_filter works.


When delivery is retried, though, the mail doesn't go through the
content_filter again, and that is my problem. 


I'm having trouble imagining how you convinced postfix to 
behave this way.  Show evidence please.


Please show "postconf -n", modifications to master.cf, and 
logging so we can see what's happening and maybe figure out 
where it's gone wrong.  Also please report any additional 
software such as proxies, milters, etc. you have configured 
with postfix.




  -- Noel Jones

Re: postscreen test

[Ralf Hildebrandt]

* Noel Jones :
> Ralf Hildebrandt wrote:
>> * Noel Jones :
>>
>>> corona
>>
>> Corona, St.George, what's it with the beer names?
>>
>
> Corona - outer atmosphere of a star

Latin for Crown

-- 
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  Charité - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebra...@charite.de | http://www.charite.de

RE: postscreen test

[Goodman, Michael]

I like turpis

http://en.wiktionary.org/wiki/turpis

Latin

[edit] Adjective

turpis m. and f., turpe n.; third declension

   1. ugly, unsightly; foul, filthy
   2. (of sound) cacophonous, disagreeable
   3. (figuratively) base, infamous, scandalous, dishonorable, shameful, 
disgraceful

Or modified as postturpis

Michael Goodman
Senior System Administrator
-
Email:   mgood...@constantcontact.com
Phone: 781-370-8632
Mobile: 617-232-3121
-
 

Re: postscreen test

[Wietse Venema]

Ralf Hildebrandt:
> * Noel Jones :
> > Ralf Hildebrandt wrote:
> >> * Noel Jones :
> >>
> >>> corona
> >>
> >> Corona, St.George, what's it with the beer names?
> >>
> >
> > Corona - outer atmosphere of a star
> 
> Latin for Crown

Good names I have seen sofar that suggest what the program does:
sentry (the guard at the gate) and triage (the action of deciding
which patients to service).

Wietse

Re: postscreen test

[Bill Landry]

Wietse Venema wrote:
> Ralf Hildebrandt:
>> * Noel Jones :
>>> Ralf Hildebrandt wrote:
 * Noel Jones :

> corona
 Corona, St.George, what's it with the beer names?

>>> Corona - outer atmosphere of a star
>> Latin for Crown
> 
> Good names I have seen sofar that suggest what the program does:
> sentry (the guard at the gate) and triage (the action of deciding
> which patients to service).

How about "sentinel"

–noun
1. a person or thing that watches or stands as if watching.
2. a soldier stationed as a guard to challenge all comers and prevent a
surprise attack: to stand sentinel.
3. Also called tag. Computers. a symbol, mark, or other labeling device
indicating the beginning or end of a unit of information.

–verb (used with object)
4. to watch over or guard as a sentinel.

Bill

Re: postscreen test

[Gaby Vanhegan]

On 17 Jul 2009, at 15:02, Wietse Venema wrote:


Good names I have seen sofar that suggest what the program does:
sentry (the guard at the gate) and triage (the action of deciding
which patients to service).



St Peter?

--
Being drunk is feeling sophisticated without being able to say it.
http://www.playr.co.uk/

Re: postscreen test

[Robert Lopez]

On Fri, Jul 17, 2009 at 8:02 AM, Wietse Venema wrote:
> Ralf Hildebrandt:
>> * Noel Jones :
>> > Ralf Hildebrandt wrote:
>> >> * Noel Jones :
>> >>
>> >>> corona
>> >>
>> >> Corona, St.George, what's it with the beer names?
>> >>
>> >
>> > Corona - outer atmosphere of a star
>>
>> Latin for Crown
>
> Good names I have seen sofar that suggest what the program does:
> sentry (the guard at the gate) and triage (the action of deciding
> which patients to service).
>
>        Wietse
>


>From the point of view of one who has been easily confused by
definitions of terms I want to also join the no to "bouncer" and I
agree with all the reasons others have stated.

-- 
Robert Lopez
Unix Systems Administrator
Central New Mexico Community College (CNM)
525 Buena Vista SE
Albuquerque, New Mexico 87106

Re: temporary errors for DNS

[Ben Winslow]

On Thu, 16 Jul 2009 12:25:52 -0400
Victor Duchovni  wrote:

> On Wed, Jul 15, 2009 at 11:07:00PM +0200, mouss wrote:
> 
> > > Well, a DNS NXDOMAIN error seems a good reason for discarding
> > > mail.
> > 
> > even NXDOMAIN may be a temporary error that the admin can fix.
> 
> This borders on sophistry. NXDOMAIN is not a transient error that
> resuls from failure to obtain the right answer. It is a correctly
> obtained, best available answer.

...unless the zone admin forgot to update the serial number, and the
nameservers do not have identical copies of the zone.  Although a bit
of a stretch, this IS a case where a temporary reject on an NXDOMAIN
could result in the message being accepted later with no user action.

-- 
Ben Winslow 

Re: postscreen test

[Michel Lavondes]

On Thu, July 16, 2009 7:23 pm, Mike Cappella wrote:
> On 7/13/09 5:20 PM, Wietse Venema wrote:
>  >
>  > I'm still open for program name suggestions. If someone has a better
>  > name than "swatter" or "halligan" let me know. Once the name changes,
>  > all the configuration parameters will change, too.
>
> postcull

postcullis

Re: postscreen test

[Gaby Vanhegan]

On 17 Jul 2009, at 16:29, Michel Lavondes wrote:


On Thu, July 16, 2009 7:23 pm, Mike Cappella wrote:

On 7/13/09 5:20 PM, Wietse Venema wrote:


I'm still open for program name suggestions. If someone has a better
name than "swatter" or "halligan" let me know. Once the name  
changes,

all the configuration parameters will change, too.


   postcull


postcullis


Sounds a little like an Irish airline or a dubious sexual act?

--
Bought to you by the Department of Redundancy Department's Recursion  
Division of Recursion

http://playr.co.uk/

Re: SMTP authentication not working (but works via telnet) [FIXED]

[thomas]

* Patrick Ben Koetter  [2009-07-17 00:47:10+0200]:
> > 90EC0137A88 337 Thu Jul 16 19:12:09 u...@myhostname.foocorp.net
> > (SASL authentication failed; cannot authenticate to server 
> > smtp.foocorp.net[10.1.1.2]: generic failure) u...@example.org
> 
> forget that and set $smtp_sasl_mechanism_filter to filter GSSAPI away and
> choose from the remaining mechanisms.

Thanks, this was indeed the problem. Adding the
smtp_sasl_mechanism_filter with the appropriate mechanisms fixed it.

Thomas

Re: postscreen test

[LuKreme]

On 17-Jul-2009, at 09:29, Michel Lavondes wrote:

On Thu, July 16, 2009 7:23 pm, Mike Cappella wrote:

On 7/13/09 5:20 PM, Wietse Venema wrote:


I'm still open for program name suggestions. If someone has a better
name than "swatter" or "halligan" let me know. Once the name  
changes,

all the configuration parameters will change, too.


   postcull


postcullis


Well played.

--
You are responsible for your Rose

Auto-reply software

[Marcus]

Hi!

I need the auto-reply software for my postifx + mysql + courier + 
maildrop configuration. Does somebody an easy way to make this?


I have looked up for a tutorial in the internet but none of them work 
well. :(


Thanks a lot!

Re: Auto-reply software

[Ralf Hildebrandt]

* mar...@cloud9.net :
> Hi!
>
> I need the auto-reply software for my postifx + mysql + courier +  
> maildrop configuration. Does somebody an easy way to make this?

maildrop has this built in (mailbot I think)

-- 
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  Charité - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebra...@charite.de | http://www.charite.de

Re: Multiple PTR entries

[LuKreme]

On 16-Jul-2009, at 10:32, Roderick A. Anderson wrote:
help with them configuring their MTA (probably Exchange) so it plays  
well with the rest of the world.



Exchange? Rest of the world? Play well?

*cough*

--
...but the senator, while insisting he was not intoxicated,
could not explain his nudity.

Define some message_size_limit

[David Glez Romero]

Hi every one!!

I want to know if is possible to label message_size_limit postfix 
separation of different domains. So one wants to define 
message_size_limit a specific domain and the rest of the domains others 
message_size_limit.


Regards,
David

--
_
Lic. David González Romero
Network/System Administrator
DIC- OHC Dirección de Informática y Comunicaciones
Oficina del Historiador de la Ciudad
Ave Puerto. Edif. Lonja del Comercio 5H
Telf:(537)8608808, 8608853 ext 109
Linux counter: 242534
__


==
VIII ENCUENTRO INTERNACIONAL SOBRE MANEJO Y GESTION DE CENTROS HISTORICOS. 
Habana Vieja, 1-3 de Diciembre de 2009. Contactos: evento.manejoygest...@ohc.cu

--

Re: Define some message_size_limit

[Sahil Tandon]

On Jul 17, 2009, at 2:06 PM, David Glez Romero  wrote:


Hi every one!!

I want to know if is possible to label message_size_limit postfix  
separation of different domains. So one wants to define  
message_size_limit a specific domain and the rest of the domains  
others message_size_limit.


FAQ.  You need a policy server for this.  Google postfwd, policyd and  
search the archives of this mailing list.




Regards,
David

--
_
Lic. David González Romero
Network/System Administrator
DIC- OHC Dirección de Informática y Comunicaciones
Oficina del Historiador de la Ciudad
Ave Puerto. Edif. Lonja del Comercio 5H
Telf:(537)8608808, 8608853 ext 109
Linux counter: 242534
__


==
VIII ENCUENTRO INTERNACIONAL SOBRE MANEJO Y GESTION DE CENTROS  
HISTORICOS. Habana Vieja, 1-3 de Diciembre de 2009. Contactos: evento.manejoygest...@ohc.cu

--

Re: postscreen test

[Charles Marcus]

On 7/16/2009, Wietse Venema (wie...@porcupine.org) wrote:
> Charon is not too bad. Certainly better than zzapper or zkiller
> and other ugly names that I did not mention.

How about praetorian...

-- 

Best regards,

Charles

Re: postscreen test

[Mike Morris]

On 07/17/2009 05:30 AM, José Luis Tallón wrote:
> Patrick Ben Koetter wrote:
>> * Wietse Venema :
>>   
>>> Victor Duchovni:
>>> 
 On Thu, Jul 16, 2009 at 05:21:13PM -0400, Rob Foehl wrote:

   
> Possible substitutes include concierge or valet, or perhaps any of the 
> less 
> specific guard, sentry, sentinel, ...
> 
 I think "sentry" is short, and simple, and can even be thought of as a
 contraction of "smtp" and "entry". A bit less corny than "prefix" IMHO
 (sorry Patrick, nothing personal).
   
>>> "sentry" is good. 
>>>
>>> In a similar class is "triage", which I mention in the postscreen
>>> manpage at http://www.postfix.org/postscreen.8.html
>>> 
>> Two more names:
>>
>>   refuse
>>   drop(down)
>>
>>
>> I am very much in favor of greek or latin mythology, but I think prefix and
>> both words above are more in the tradition of describing what the program 
>> does
>> e.g.  pickup, cleanup, tlsmgr etc. which I actually like very much about
>> Postfix naming convention.
>>   
> "screener", then.
> Oh, wait ...
> 
> 
> but then, there is also "anvil"
> 
> J.L.
> 

"Anvil" is a name I always liked for a Postfix daemon, and I was also
thinking that building on that theme would be a good idea.  However, I'm
not clever enough to come up with an example.  "Vise" was all that I
could come up with.

-Mike

Re: store email with subject filename

[Magnus Bäck]

On Thursday, July 16, 2009 at 11:01 CEST,
 gianluca...@interfree.it wrote:

> My mailserver store mail in Maildir format, is possible through
> postfix, mailscanner or procmail to store mail with subject filename
> so i can find mail more quicly on server?

There is no such builtin feature to do this. The subject alone isn't
enough to make the filename unique. Why are you attempting to read email
in this manner? We have MUAs to solve this problem for us. You seem to
try using the wrong tool to solve a problem that you haven't explained
to us. If you explain the problem for us maybe we can suggest a solution
that doesn't involve the weirdness that you're requesting.

-- 
Magnus Bäck
mag...@dsek.lth.se

Re: mail to alias problem

[Magnus Bäck]

On Thursday, July 16, 2009 at 11:50 CEST,
 ramesh srinivas  wrote:

> Thanks Wietse,
> 
> my alias file entries as below
> all: ramesh, john
> 
> all these days working fine, i don't know suddenly it started sending
> multiple mails.

Create an alias named owner-all that maps to some person that's
appointed responsible for the list.

all: ramesh, john
owner-all: postmaster

Or, use a virtual alias instead of a local alias.

Please do not top-post.

-- 
Magnus Bäck
mag...@dsek.lth.se

Re: Courier-authlib wrong work

[mouss]

Михаил Евстратов a écrit :
> Hi!
> 
> I have
> 
> gw:/usr/sbin # /usr/bin/maildrop -v
> maildrop 2.1.0 Copyright 1998-2005 Double Precision, Inc.
> GDBM/DB extensions enabled.
> Courier Authentication Library extension enabled.
> Maildir quota extension enabled.
> This program is distributed under the terms of the GNU General Public
> License. See COPYING for additional information.
> 
> courier-authlib-0.61.0-1.16.i586.rpm
> courier-authlib-ldap-0.61.0-1.16.i586.rpm
> 
> authldaprc
> __
> LDAP_URIldaps://gw.domain.com
> LDAP_PROTOCOL_VERSION   3
> LDAP_BASEDN dc=domain, dc=com
> LDAP_BINDDN cn=administrator, dc=domain, dc=com
> LDAP_BINDPW toto
> LDAP_TIMEOUT5
> LDAP_MAIL   mail
> LDAP_HOMEDIRhomeDirectory
> LDAP_MAILDIRmailbox
> LDAP_DEFAULTDELIVERYdefaultDelivery
> LDAP_FULLNAME   cn
> LDAP_CLEARPWclearPassword
> LDAP_CRYPTPWuserPassword
> LDAP_DEREF  never
> LDAP_TLS0
> ___
> 
> gw:/usr/sbin # authtest u...@domain.com
> Authentication succeeded.
> 
> Authenticated: u...@domain.com  (system u...@domain.comname:
> u...@domain.com)
>Home Directory: /var/spool/mail/user/Maildir
>   Maildir: (none)
> Quota: (none)
> Encrypted Password: *
> Cleartext Password: (none)
>   Options: (none)
> 
> 
> gw:/usr/sbin # /usr/bin/maildrop -V10 -d u...@domain.com
> maildrop: authlib: groupid=3
> maildrop: authlib: u...@domain.comid=1001
> maildrop: authlib: logname=u...@domain.com,
> home=/var/spool/mail/user/Maildir, mail=(default)
> maildrop: Changing to /var/spool/mail/user/Maildir
> Test
> Message start at 0 bytes, envelope sender=u...@domain.com
> maildrop: Attempting .mailfilter
> maildrop: Delivering to /var/mail/u...@domain.com
> maildrop: Flock()ing /var/mail/u...@domain.com.
> maildrop: Appending to /var/mail/u...@domain.com.
> maildrop: Delivery complete.
> 
> Problem:
> 
> mail=(default) , and Appending to /var/mail/u...@domain.com.
> 
> Any changes in authldaprc and miss authldaprc dont make good result.
> I dont know where courier-authlib take value off attributs (mail)
> 

you'd better ask on courier-users or courier-maildrop lists. maildrop
and courier-authlib are not part of postfix.

Re: Multiple PTR entries

[mouss]

Roderick A. Anderson a écrit :
> With all the traffic recently on DNS and friends I got overloaded and
> stopped reading.  :-(
> 
> But now I've run into a situation that I don't remember seeing addressed.
> 
> How will Postfix deal with a machine that has two different names for
> the same IP and multiple PTR records?
> 


The first question to ask is: why use multiple PTRs?

people are often confused and think that multiple PTRs are needed for
"virtual hosting". virtual hosting uses multiple A records.

anyway, as has been said, postfix and other servers will use the first
PTR returned by the resolver. in the case of round robin, this may be
any of the listed PTRs. and if the server requires "confirmed" rDNS,
then it means you need more work to get it right (for each PTR, you need
to setup an A record pointing to the client IP).

Re: Auto-reply software

[Robert Schetterer]

mar...@cloud9.net:D schrieb:
> Hi!
> 
> I need the auto-reply software for my postifx + mysql + courier +
> maildrop configuration. Does somebody an easy way to make this?
> 
> I have looked up for a tutorial in the internet but none of them work
> well. :(
> 
> Thanks a lot!

look at the vacation script that comes with postfix admin

-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

OT: Why are my servers strong passwords compromised

[ram]

Sorry for this OT post .. but I think this is a common problem for all
postfix admins

We run smtp services for our clients using smtp-auth. And nowadays we
also enforce a strong password (minimum alphanumeric)
But still people's passwords get compromised. Even a relatively strong
password. To save our postfix servers I have implemented rate-limits ,
and outgoing spam scanning.

We identify the accounts quickly and change the passwords , but in the
end we have a frustrated client whose genuine mails are not going
because of a compromised account.

How do spammers get these passwords ?? 


Thanks
Ram

Re: OT: Why are my servers strong passwords compromised

[Michael Tokarev]

ram wrote:

Sorry for this OT post .. but I think this is a common problem for all
postfix admins

We run smtp services for our clients using smtp-auth. And nowadays we
also enforce a strong password (minimum alphanumeric)
But still people's passwords get compromised. Even a relatively strong
password. To save our postfix servers I have implemented rate-limits ,
and outgoing spam scanning.

We identify the accounts quickly and change the passwords , but in the
end we have a frustrated client whose genuine mails are not going
because of a compromised account.

How do spammers get these passwords ?? 


Easy: think of windows worms who steal passwords from the client machines...

/mjt

smtp time outs and delays + spamc being called when using amavis-new

[Jumping Mouse]

Hello everyone, 
I am using postfix 2.5.4  with amavisd-new, courier imap, clamd, spamassasin, 
maildrop on Ubuntu 6.06.2 LTS server which I inherited.
I have been struggling alone to try to resolve two issues and hope that i can 
get some help here.
Issue 1. 
Many of my users have been encountering smtp time outs and delays (most are 
using thunderbird latest version) .Most of the time smtp is very responsive 
but at times there are these delays  of 10-30 seconds and sometimes the 
connection times out.   delays occur on both port 25 and 587.
I have noted that smtp processes are not at maximum during these times,  also 
there is more than enough memory on the server.   
default_process_limit = 100


I have read over http://postfix.mirrorspace.org/STRESS_README.html   and 
checked my main.cf and master.cf to see if I could change some settings but all 
seams to check out. 

Here is my main.cf
# Postfix master process configuration file.  For details on the format# of the 
file, see the Postfix master(5) manual page.## 
==# 
service type  private unpriv  chroot  wakeup  maxproc command + args#   
(yes)   (yes)   (yes)   (never) (100)# 
==smtp  
  inetn   -   -   -   -   smtpd#submission inet n  
-   -   -   -   smtpd# -o smtpd_etrn_restrictions=reject#   
   -o smtpd_client_restrictions=permit_sasl_authenticated,rejectsmtpsinet  
n   -   n   -   -   smtpd   -o 
smtpd_tls_wrappermode=yes-o smtpd_sasl_auth_enable=yes#submission inet n
  -   -   -   -   smtpd#  -o smtpd_etrn_restrictions=reject#  
-o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes#628  inet  n   - 
  -   -   -   qmqpd587   inet  n   -   -   -   
-   smtpd   -o smtpd_sasl_auth_enable=yespickupfifo  n   -   -  
 60  1   pickup -o content_filter=-o 
receive_override_options=no_header_body_checkscleanup   unix  n   -   - 
  -   0   cleanupqmgr  fifo  n   -   -   300 1  
 qmgr#qmgr fifo  n   -   -   300 1   oqmgr#tlsmgr   
 unix  -   -   -   1000?   1   tlsmgrtlsmgr  unix  -
   -   n   300 1   tlsmgrrewrite   unix  -   -   -  
 -   -   trivial-rewritebounceunix  -   -   -   -   
0   bouncedefer unix  -   -   -   -   0   
bouncetrace unix  -   -   -   -   0   bounceverify
unix  -   -   -   -   1   verifyflush unix  n   -   
-   1000?   0   flushproxymap  unix  -   -   n   -  
 -   proxymapsmtp  unix  -   -   -   -   -   smtp# 
When relaying mail as backup MX, disable fallback_relay to avoid MX loopsrelay  
   unix  -   -   -   -   -   smtp   -o fallback_relay=# 
  -o smtp_helo_timeout=5 -o smtp_connect_timeout=5showq unix  n   - 
  -   -   -   showqerror unix  -   -   -   -   
-   errordiscard   unix  -   -   -   -   -   
discardlocal unix  -   n   n   -   -   localvirtual   
unix  -   n   n   -   -   virtuallmtp  unix  -   -  
 -   -   -   lmtpanvil unix  -   -   -   -  
 1   anvilscacheunix  -   -   -   -   1   scache## 
# 
Interfaces to non-Postfix software. Be sure to examine the manual# pages of the 
non-Postfix software to find out what options it wants.## Many of the following 
services use the Postfix pipe(8) delivery# agent.  See the pipe(8) man page for 
information about ${recipient}# and other message envelope options.# 
## 
maildrop. See the Postfix MAILDROP_README file for details.# Also specify in 
main.cf: maildrop_destination_recipient_limit=1#maildrop  unix  -   n   
n   -   -   pipe  flags=DRhu user=vmail 
argv=/usr/local/bin/maildrop -d ${recipient}## See the Postfix UUCP_README file 
for configuration details.#uucp  unix  -   n   n   -   -
   pipe  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail 
($recipient)## Other external delivery methods.#ifmailunix  -   n   
n   -   -   pipe  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r 
$nexthop ($recipient)bsmtp unix  -   n   n   -   -   
pipe  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender 
$recipientscalemail-backend unix-   n   n   -   2   
pipe  flags=R user=scalemai