Re: sender_bcc_maps delivered twice

2011-03-26 Thread mouss 
Le 25/03/2011 13:16, Frank Bonnet a écrit :
> On 03/25/2011 11:32 AM, Ralf Hildebrandt wrote:
>> * Frank Bonnet :
>>
>>> smtp   inetn  -   n   -   300   smtpd
>>-o receive_override_options=no_address_mappings
>>
> 
> It does not work, the target still receive two copies.
> 

how did you submit mail? if it's via the sendmail command, then also add
the line under "pickup".

to summarise:

[Option 1]
add no_address_mappings option before content filter.
This way content filter sees "original" addresses.

if so do it in each smtpd/pickup before content_filter (except those for
which content filtring is disabled)

[Option 2]
add that option to after the filter.
but then the content filter will not see the original addresses (in the
case of aliases for example) and will get more mail if aliases expand to
multiple addresses or when using bcc options.

Re: Making my own pipe..

2011-03-26 Thread Jeroen Geilman 

On 03/25/2011 12:02 AM, Simon Brereton wrote:

Hi

I'm still trying to get Postfix to use deliverquota to deliver the mails to my 
Maildirs.

The only thing I could find on the net was a comment from Magnus 
http://www.irbs.net/internet/postfix/0412/1673.html that I had to make my own 
pipe.

So this is my attempt:

deliverquota  unix  -   n   n   -   -   pipe
flags=DRhu user=vmail argv=/usr/bin/deliverquota $domain/$recipient

One concern - vmail is not a user on my system (and since I copied this from 
the maildrop pipe, I'm now wondering how mail is delivered at all.
   


Not via maildrop, since the user does not exist.
The first message postfix tries to deliver to the maildrop transport 
will crash it with a fatal error.


For basic information on how (local) mail is delivered, read 
http://www.postfix.org/OVERVIEW.html#delivering



My first question is, is $domain/$recipient the way to deliver a Maildir 
structure that is always domain.tld/user where user is the portion before the @ 
- this is the way I've understood man pipe, but I'd like to be sure.
Do I need it to be unpriv or not?
   


The choice of mailstore is unrelated to any other postfix configuration 
options; it's just a choice.
If you want mail to be stored in /var/mail/domain.tld/username then the 
above will accomplish that.


I'm unsure what you mean by "unpriv" - postfix does not execute setuid 
root programs, so in that sense, everything is unprivileged.




My second question is what happens when deliverquota refuses to deliver the 
mail because the Maildir is over quota?  Does postfix try to deliver a DNS?

   


That depends on the status deliverquota returns to postfix.
If it's a temporary error, the message will be deferred and retried later.
If it's a permanent error, the message will be rejected and postfix will 
generate a DSN back to the originator.



--
J.

Re: SASL authentication failure: All-whitespace username

2011-03-26 Thread weber 



On Thu, 24 Mar 2011 18:51:16 +0100, Patrick Ben Koetter 
 wrote:

* Victor Duchovni :
On Thu, Mar 24, 2011 at 02:07:43PM -0300, Odilo Schwade Junior 
wrote:


> It is not my IP address. I don't know if it's a zombie.. I just 
think it may
> be..  XXX.XXX.XXX.XXX =  random IPs address. Most of Brazil, 
Portugal

> and US as I said earlier.

You can restrict SASL to TLS only, then perhaps fewer zombies will 
bother.
If you get SASL attempts from TLS-enabled zombies, just make sure 
your
passwords are strong enough to not succumb to easy dictionary 
attacks.


You can also use fail2ban to ban (iptables) clients that have X 
unsucessful

SASL login attempts.


A friend implemented that Method on my Server. It works like a charme.



p@rick