Re: Need Help with Postfix - MIMEDefang Config

[mouss]

Le 11/12/2010 05:02, Philip A Colvin a écrit :


I think I may be getting closer, but ran into a bit of problem. I have
put smtpd_milters = unix:/var/spool/MIMEDefang/mimedefang.sock in the
main.cf. Now I get this in the log and no mail goes through:

postfix/smtpd[2075]: warning: connect to Milter service
unix:/var/spool/MIMEDefang/mimedefang.sock: No such file or directory

I checked the permissions of the /var/spool/MIMEDefang directory and the
contents and they all have the user and group set to defang.

Any thoughts?



Is the socket there?
# ls -l /var/spool/MIMEDefang/mimedefang.sock
# file /var/spool/MIMEDefang/mimedefang.sock

maybe you have a chroot issue?
# grep smtpd master.cf

otherwise, check the permissions starting from the top:
# ls -l / |grep /var
# ls -l /var |grep spool
# ls -la /var/spool/MIMEDefang

do you have any "security thing" like SELinux, AppArmor, ...?
What system/distribution are you running?



Thanks again.

Phil Colvin

Re: fqrdns.pcre

[Stefan G. Weichinger]

Am 2010-12-10 23:32, schrieb Steve:
> 
>  Original-Nachricht 
>> Datum: Fri, 10 Dec 2010 22:46:35 +0100 Von: "Stefan G. Weichinger"
>>  An: Steve  CC:
>> postfix-users@postfix.org Betreff: Re: fqrdns.pcre
> 
>> 
>> We are getting quite off topic here, I assume. BLs aren't postfix,
>> I know.
>> 
>> Maybe we should continue off-list, Steve?
>> 
> Yes. I will do that after responding to this mail here. Okay?

Yes, I will reply off-list now.
Stefan

Timeout for relay on primary MX

[Bissio2000]

Hi all,

i'm setting a server as secondary MX backup for my domain.com. My question
is: how can I increase the timeout limit to hold messages in queue on
secondary mx before they are deleted and they are not delivered on primary
when it returns up?

Thanks

Re: Timeout for relay on primary MX

[Ralf Hildebrandt]

* Bissio2000 :
> Hi all,
> 
> i'm setting a server as secondary MX backup for my domain.com. My question
> is: how can I increase the timeout limit to hold messages in queue on
> secondary mx before they are deleted and they are not delivered on primary
> when it returns up?

maximal_queue_lifetime 

-- 
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  Charité - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebra...@charite.de | http://www.charite.de

R: Timeout for relay on primary MX

[Bissio2000]

* Bissio2000 :
> Hi all,
> 
> i'm setting a server as secondary MX backup for my domain.com. My question
> is: how can I increase the timeout limit to hold messages in queue on
> secondary mx before they are deleted and they are not delivered on primary
> when it returns up?

maximal_queue_lifetime 

Thanks a lot.
Bye

-- 
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  Charité - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebra...@charite.de | http://www.charite.de

Re: postfix qmgr not happy with db4.1

[Wietse Venema]

Len Conrad:
> >Dec 10 20:04:38 mx1.xxx.net/mx1.hctc.net postfix/qmgr[10866]: Compiled 
> >against Berkeley DB: 4.1.25?
> >
> >Dec 10 20:07:48 mx1.xxx.net/mx1.hctc.net postfix/master[10860]: warning: 
> >process /usr/local/libexec/postfix/smtpd pid 10906 exit status 1

Turn off verbose logging. Then, you have a chance to see the
"fatal" message that qmgr logs BEFORE it terminates.

Wietse

Re: robin-robin distribution list

[Wesley]

guys,

thanks for the reply. well, the problem is that i got an generic account
(e.g. supp...@example.com) and i would like to forward incoming emails to my
supporting staff randomly..well, maybe equally, which means forwarding the
first message to staff1, next to staff2, next to staff3 and so on (those
staffs are in an email list). I did not use MySQL in my Postfix platform so
i guess Wietse's idea bit difficult for me to implement. Will check on the
APolicy daemon. thanks.

wesley

2010/12/10 Victoriano Giralt 

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> Wietse Venema wrote:
> | If you must deliver i...@example.com to info1 or info2 etc., then you
> | need a virtual alias table that replies with a random name. Perhaps
> | there is such functionality in MySQL.
> 8<-8<
>
> |
> | On the other hand, it sounds like you are trying to solve a different
> | problem that may have a better solution than random delivery, but
> | we don't know what that problem is.
>
> I totally agree with Wietse that it is difficult to give answers if we do
> not know the real question, but, you might get some ideas from the ACL
> policy daemon: http://www.apolicy.org/cgi-bin/moin.cgi, I remember reading
> about some functionality slightly similar to what you describe in its
> documentation.
>
> - --
> Victoriano Giralt
> Systems Manager
> Central ICT Services
> University of Malaga
> SPAIN
> - -
> A: Yes.
> | > Q: Are you sure ?
> |> >> A: Because it reverses the logical flow of conversation.
> |>> >>> Q: Why is top posting annoying in email ?
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.5 (GNU/Linux)
> Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org
>
> iD8DBQFNAhbaV6+mDjj1PTgRAgD1AKCX+A4iwWSWDXcjU9FqtdD2PAU5pQCgp4jm
> E1lg+SEkcrMKp3dbKZDbauc=
> =zIks
> -END PGP SIGNATURE-
>



-- 
"The greatest danger for most of us is not that our aim is too high and we
miss it, but that it is too low and we reach it" - Michelangelo

Re: Adding a reply-to header when none is present

[Ansgar Wiechers]

On 2010-12-10 thussvm wrote:
> Because of a domain move we're doing, we're trying to add a reply-to
> header in postfix when no reply-to header is already present. The rule
> we're using is:
> 
> !/^Reply-To/ prepend Reply-To: "Support" 
> 
> However, since the check is being applied to each header line we get a
> bunch of reply-to's prepended instead of just one. Is there a regex we
> can use to say:
> 
> If no reply-to header exists anywhere in the headers
>then prepend one reply-to header

As others have already said: header_checks inspects one header at a time,
not all headers as a whole.

If your mail goes through Postfix only once, you could try prepending
some unique header (e.g. Subject or Message-ID) with the Reply-To
header:

  if /^message-id:/
/^message-id:/ PREPEND Reply-To: "Support" 
  endif

However, that's merely a workaround (and an ugly one at that), not a
real solution.

And please use RFC 2606 domain names instead of some made-up fake domain
that may actually be a real domain belonging to someone else. That's why
the domains in RFC 2606 are reserved after all.

Regards
Ansgar Wiechers
-- 
"Abstractions save us time working, but they don't save us time learning."
--Joel Spolsky

Re: Please Test ... was: FrontBridge RFC 2920 write-up

[Michael J Wise]

On Dec 9, 2010, at 2:12 PM, Wietse Venema wrote:

> Michael, thanks for helping.

Most welcome, glad I could help.

Just out of curiosity, and because so many back at the ranch are asking...
Does anyone know if this problem just surfaced, or has been a latent issue for 
a long time?
How long has this been going on?

Aloha,
Michael.
-- 
"Please have your Internet License http://kapu.net/~mjwise/
 and Usenet Registration handy..."

MYSql Issues

[Jonathan Tripathy]

Hi Everyone,

This is maybe a little off-topic, but is anyone having any problems with 
their mysql servers today? I have 3 separate mysql servers (running in 3 
different VMs). One of them is used to do my Postfix SASL 
authentication. Auth is failing today (possibly timing out). Also, the 2 
other mysql servers are used for web services and both of them are 
really slow today. All servers are running near idle.


Any ideas, at least on the postfix issue? I see this when my WHMCS (PHP 
billing system) tried to connect to the postfix server:


warning: unknown[10.87.14.2]: SASL LOGIN authentication failed: VXNlcm5hbWU6

This setup has been working for months without issue. Just today it's 
playing up..


Thanks

Re: MYSql Issues

[Jeroen Geilman]

On 12/11/10 7:18 PM, Jonathan Tripathy wrote:

Hi Everyone,

This is maybe a little off-topic, but is anyone having any problems 
with their mysql servers today?


That is an odd - and disturbingly non-technical - assertion, that the 
date has anything to do with how a product deployed on hundreds of 
thousands of computer systems performs.

Have you administered a computer before ?
I have 3 separate mysql servers (running in 3 different VMs). One of 
them is used to do my Postfix SASL authentication.

No.

Postfix uses either Cyrus sasl or dovecot sasl to authenticate. Neither 
of them are MySQL.


Auth is failing today (possibly timing out). Also, the 2 other mysql 
servers are used for web services and both of them are really slow 
today. All servers are running near idle.


Any ideas, at least on the postfix issue? 


There is no postfix issue.

I see this when my WHMCS (PHP billing system) tried to connect to the 
postfix server:


warning: unknown[10.87.14.2]: SASL LOGIN authentication failed: 
VXNlcm5hbWU6


So maybe the credentials were, I don't know... incorrect ?



This setup has been working for months without issue. Just today it's 
playing up..



Ah, I've never heard that one before.

YES, you changed something - something ALWAYS changed.

Most likely culprit is a software update/upgrade.


Thanks



--
J.

Re: Adding a reply-to header when none is present

[mouss]

Le 11/12/2010 17:31, Ansgar Wiechers a écrit :

On 2010-12-10 thussvm wrote:

Because of a domain move we're doing, we're trying to add a reply-to
header in postfix when no reply-to header is already present. The rule
we're using is:

!/^Reply-To/ prepend Reply-To: "Support"

However, since the check is being applied to each header line we get a
bunch of reply-to's prepended instead of just one. Is there a regex we
can use to say:

If no reply-to header exists anywhere in the headers
then prepend one reply-to header


As others have already said: header_checks inspects one header at a time,
not all headers as a whole.

If your mail goes through Postfix only once, you could try prepending
some unique header (e.g. Subject or Message-ID) with the Reply-To
header:

   if /^message-id:/
 /^message-id:/ PREPEND Reply-To: "Support"
   endif



That will add the Reply-To: header to all messages and may cause more 
than one such header to appear in a message, which would be incorrect 
(RFC 5322, section 3.6, page 20).


if OP wants to remove previously set Reply-To headers, then he can use

/^(Reply-To:.*)/REPLACE X-WAS-$1

together with your suggestion.

he could also stack multiple smtpd listeners with their own cleanups and 
header_checks. but that's a bit convoluted. so unless OP tells us more, ...



However, that's merely a workaround (and an ugly one at that), not a
real solution.

And please use RFC 2606 domain names instead of some made-up fake domain
that may actually be a real domain belonging to someone else. That's why
the domains in RFC 2606 are reserved after all.

Regards
Ansgar Wiechers

Re: robin-robin distribution list

[Arnim Sommer]

Wesley schrieb am 11.12.2010 16:06:

guys,

thanks for the reply. well, the problem is that i got an generic account 
(e.g. supp...@example.com ) and i would like to 
forward incoming emails to my supporting staff randomly..well, maybe 
equally, which means forwarding the first message to staff1, next to staff2, 
next to staff3 and so on (those staffs are in an email list). I did not use 
MySQL in my Postfix platform so i guess Wietse's idea bit difficult for me 
to implement. Will check on the APolicy daemon. thanks.



Looks like you are looking for a ticket system in the long run...

Arnim

Re: MYSql Issues

[John Adams]

Am 11.12.2010 19:18, schrieb Jonathan Tripathy:

Hi Everyone,

This is maybe a little off-topic, but is anyone having any problems with
their mysql servers today? I have 3 separate mysql servers (running in 3
different VMs). One of them is used to do my Postfix SASL
authentication. Auth is failing today (possibly timing out). Also, the 2
other mysql servers are used for web services and both of them are
really slow today. All servers are running near idle.

Any ideas, at least on the postfix issue? I see this when my WHMCS (PHP
billing system) tried to connect to the postfix server:

warning: unknown[10.87.14.2]: SASL LOGIN authentication failed:
VXNlcm5hbWU6

This setup has been working for months without issue. Just today it's
playing up..

Thanks


Hard to say without further info.
Can you please follow the instructions here

http://www.postfix.org/DEBUG_README.html#mail

before you post debugging requests?
This could help isolating the problem.

Re: MYSql Issues

[Jonathan Tripathy]

On 11/12/10 18:56, Jeroen Geilman wrote:

On 12/11/10 7:18 PM, Jonathan Tripathy wrote:

Hi Everyone,

This is maybe a little off-topic, but is anyone having any problems 
with their mysql servers today?


That is an odd - and disturbingly non-technical - assertion, that the 
date has anything to do with how a product deployed on hundreds of 
thousands of computer systems performs.

It is not unheard of for software issues to crop up on certain dates.

Have you administered a computer before ?

Your insulting tone is not appreciated
I have 3 separate mysql servers (running in 3 different VMs). One of 
them is used to do my Postfix SASL authentication.

No.

Postfix uses either Cyrus sasl or dovecot sasl to authenticate. 
Neither of them are MySQL.
Thanks for the clarification. I am using dovecot, however I do have a 
lot of virtual mappings in my main.cf file which run MYSQL queries.


Auth is failing today (possibly timing out). Also, the 2 other mysql 
servers are used for web services and both of them are really slow 
today. All servers are running near idle.


Any ideas, at least on the postfix issue? 


There is no postfix issue.

I see this when my WHMCS (PHP billing system) tried to connect to the 
postfix server:


warning: unknown[10.87.14.2]: SASL LOGIN authentication failed: 
VXNlcm5hbWU6


So maybe the credentials were, I don't know... incorrect ?

The credentials are not incorrect, as the settings file wasn't changed




This setup has been working for months without issue. Just today it's 
playing up..



Ah, I've never heard that one before.

YES, you changed something - something ALWAYS changed.

Most likely culprit is a software update/upgrade.
Possibly a software upgrade is causing the issue, however I haven’t 
configured automatic updates on the Ubuntu VMs.

Re: MYSql Issues

[Jonathan Tripathy]

On 11/12/10 19:19, John Adams wrote:

Am 11.12.2010 19:18, schrieb Jonathan Tripathy:

Hi Everyone,

This is maybe a little off-topic, but is anyone having any problems with
their mysql servers today? I have 3 separate mysql servers (running in 3
different VMs). One of them is used to do my Postfix SASL
authentication. Auth is failing today (possibly timing out). Also, the 2
other mysql servers are used for web services and both of them are
really slow today. All servers are running near idle.

Any ideas, at least on the postfix issue? I see this when my WHMCS (PHP
billing system) tried to connect to the postfix server:

warning: unknown[10.87.14.2]: SASL LOGIN authentication failed:
VXNlcm5hbWU6

This setup has been working for months without issue. Just today it's
playing up..

Thanks


Hard to say without further info.
Can you please follow the instructions here

http://www.postfix.org/DEBUG_README.html#mail

before you post debugging requests?
This could help isolating the problem.



Just to keep everyone updated on this, I re-installed the MYSQL servers 
(just simple apt-get commands) and all seems to be working well nowweird


Thanks

Re: robin-robin distribution list

[Wesley]

right. something like that. i wonder if there's any solution for this.

On Sun, Dec 12, 2010 at 3:06 AM, Arnim Sommer wrote:

>  Wesley schrieb am 11.12.2010 16:06:
>
> guys,
>
>  thanks for the reply. well, the problem is that i got an generic account
> (e.g. supp...@example.com) and i would like to forward incoming emails to
> my supporting staff randomly..well, maybe equally, which means forwarding
> the first message to staff1, next to staff2, next to staff3 and so on (those
> staffs are in an email list). I did not use MySQL in my Postfix platform so
> i guess Wietse's idea bit difficult for me to implement. Will check on the
> APolicy daemon. thanks.
>
>  Looks like you are looking for a ticket system in the long run...
>
> Arnim
>



-- 
"The greatest danger for most of us is not that our aim is too high and we
miss it, but that it is too low and we reach it" - Michelangelo

Re: Please Test ... was: FrontBridge RFC 2920 write-up

[Wietse Venema]

Michael J Wise:
> On Dec 9, 2010, at 2:12 PM, Wietse Venema wrote:
> 
> > Michael, thanks for helping.
> 
> Most welcome, glad I could help.
> 
> Just out of curiosity, and because so many back at the ranch are asking...
> Does anyone know if this problem just surfaced, or has been a
> latent issue for a long time? How long has this been going on?

I recall that until perhaps the middle of this year, FrontBridge
was running on top of a version of Postfix (see below). I suspect
that the PIPELINING problem started after that MTA was replaced by
a Microsoft MTA, which happened in or before August 2010.

Wietse

http://web.archive.org/web/20070821064858rn_1/technet.microsoft.com/en-us/exchange/bb288511.aspx

(see example with "220 mail77-red.bigfish.com ESMTP Postfix EGGS and Butter")