Regenerate or move postfix queue

2012-06-21 Thread Santiago Romero

Hi.

I'm running out of space for my postfix's spool directory and I'm planning 
to create a new 30GB partition and mount it over the current spool dir 
(/var/spool/postfix).


How do I re-generate the queue after mounting the new partition and having 
an empty /var/spool/postfix/ ?


In squid, as an example, there is "squid -Z" which recreates postfix's queue. 
Is there something similar in postfix? Maybe I should check CentOS 
postfix's post-install scripts instead (/etc/postfix/post-install)?


Another option would be (after stopping postfix), move the old queue 
contents to the new queue, but I'm not sure if that would be OK (in qmail, 
it couldn't be done because each message in the queue depends on the fs 
i-node).


Thanks.

PS:

# ls -ld /var/spool/postfix/
drwxr-xr-x 16 root root 4096 oct  1  2009 /var/spool/postfix/

# ls -l /var/spool/postfix/
total 1736
drwx--  2 postfix root 32 jun 21 09:27 active
drwx--  2 postfix root   4096 jun 21 06:54 bounce
drwx--  2 postfix root   4096 ago 14  2008 corrupt
drwx-- 18 postfix root   4096 jul  2  2010 defer
drwx-- 18 postfix root   4096 jul  2  2010 deferred
drwx--  2 postfix root   4096 ago 14  2008 flush
drwx--  2 postfix root   4096 ago 14  2008 hold
drwx--  2 postfix root 761856 jun 21 09:25 incoming
drwx-wx---  2 postfix postdrop  16384 jun 21 09:25 maildrop
drwxr-xr-x  2 rootroot   4096 jul  2  2010 pid
drwx--  2 postfix root   4096 may 26 12:11 private
drwx--x---  2 postfix postdrop   4096 may 26 12:11 public
drwx--  2 postfix root   4096 ago 14  2008 saved
drwx--  2 postfix root   4096 ago 14  2008 trace



Re: Incorrect authentication data message

2012-06-21 Thread Dennis Guhl
On Wed, Jun 20, 2012 at 07:40:27PM +0100, Nicolás wrote:
> On 20/06/2012 17:12, Dennis Guhl wrote:

[..]

> >Are you really sure your email is directed to the correct server? Is
> >the A record for domain.es the same as for mail.domain.es?
> 
> That was the real mistake. As it was not resolving the MX record, it
> was sending the request directly to the registrar server - where
> there is no server. So I now changed that, but when I try to send an
> e-mail now, I get the following error:
> 
> Jun 20 19:25:01 mail postfix/smtpd[14475]: connect from
> my.ip.add.ress[my.ip.add.ress]
> Jun 20 19:25:02 mail policyd-spf[14480]: None; identity=helo;
> client-ip=my.ip.add.ress; helo=nagios.localdomain;
> envelope-from=root@nagios.localdomain; receiver=nico...@domain.es
> Jun 20 19:25:02 mail policyd-spf[14480]: None; identity=mailfrom;
> client-ip=my.ip.add.ress; helo=nagios.localdomain;
> envelope-from=root@nagios.localdomain; receiver=nico...@domain.es
> Jun 20 19:25:03 mail postfix/smtpd[14475]: NOQUEUE: reject: RCPT
> from my.ip.add.ress[my.ip.add.ress]: 450 4.7.1 :
> Helo command rejected: Host not found;

Your mailserver can not find the HELO name your client provided and
thus rejected the mail, because in one of your
smtpd_mumble_restrictions you set reject_unknown_helo_hostname
(http://www.postfix.org/postconf.5.html#reject_unknown_helo_hostname)
prior to permit_sasl_authenticated. To see why you probably don't want
reject_unknown_helo_hostname at all see the list archives.

> from= to= proto=ESMTP
> helo=

This is the offending HELO.

> Jun 20 19:25:03 mail postfix/smtpd[14475]: disconnect from
> my.ip.add.ress[my.ip.add.ress]
> 
> I understand the client is identifying itself as
> root@nagios.localhost, but what I want to achieve is to identify

No, the client is rejected due to the unknown HELO name. Specify
myhostname (http://www.postfix.org/postconf.5.html#myhostname) with a
resolvable name on your client or put reject_unknown_helo_hostname
after permit_sasl_authenticated on your server.

As it might lead to further problems: To match your MAIL FROM to your
SASL username set myorigin
(http://www.postfix.org/postconf.5.html#myorigin) accordingly.

In case of further problems please show the server's postconf -n
completely and unaltered.

Dennis

[..]
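
The ordering point in the reply above, as an added example that is not part of the original post and is not Postfix code: a simplified model of how smtpd walks one restriction list, where the first PERMIT or REJECT ends the walk. The HELO name is taken from the posted log; the session values, the two sets standing in for DNS and local domains, and the function and variable names are constructed assumptions, as is the client authenticating with SASL.

```python
# Added illustration, not Postfix code: simplified walk of one smtpd
# restriction list. DNS and the accepted domains are constructed sets.

RESOLVABLE = {"mail.domain.es", "nagios.domain.es"}  # constructed: names with A/MX
LOCAL_DOMAINS = {"domain.es"}                        # constructed: domains we accept


def permit_sasl_authenticated(s):
    # Decisive only for clients that completed SASL authentication.
    return ("PERMIT", "") if s["sasl_user"] else ("DUNNO", "")


def reject_unknown_helo_hostname(s):
    # Rejects when the HELO name has no DNS A or MX record.
    if s["helo"] in RESOLVABLE:
        return ("DUNNO", "")
    return ("REJECT",
            "450 4.7.1 <%s>: Helo command rejected: Host not found" % s["helo"])


def reject_unauth_destination(s):
    # Refuses to relay to domains this server is not responsible for.
    if s["rcpt_domain"] in LOCAL_DOMAINS:
        return ("DUNNO", "")
    return ("REJECT", "554 5.7.1 Relay access denied")


CHECKS = {f.__name__: f for f in (permit_sasl_authenticated,
                                  reject_unknown_helo_hostname,
                                  reject_unauth_destination)}


def evaluate(restrictions, session):
    """Return (action, deciding restriction, reply); DUNNO falls through."""
    for name in restrictions:
        action, text = CHECKS[name](session)
        if action != "DUNNO":
            return action, name, text
    return "PERMIT", "end of list", ""


# Order that produces the logged rejection: HELO check runs first.
ORDER_REJECTING = ["reject_unknown_helo_hostname",
                   "permit_sasl_authenticated",
                   "reject_unauth_destination"]
# Order suggested in the reply: authenticated clients are decided first.
ORDER_SUGGESTED = ["permit_sasl_authenticated",
                   "reject_unknown_helo_hostname",
                   "reject_unauth_destination"]

# Constructed session; only the HELO name comes from the posted log.
SESSION = {"helo": "nagios.localdomain", "sasl_user": "monitor",
           "rcpt_domain": "domain.es"}

if __name__ == "__main__":
    for label, order in (("rejecting", ORDER_REJECTING),
                         ("suggested", ORDER_SUGGESTED)):
        print(label, evaluate(order, SESSION))
    # An unauthenticated client with the same HELO is still checked.
    print("no auth", evaluate(ORDER_SUGGESTED, dict(SESSION, sasl_user=None)))
```

With the suggested order the HELO check still applies to every client that has not authenticated, so only authenticated submitters are exempted from it.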


Re: Regenerate or move postfix queue

2012-06-21 Thread Wietse Venema
Santiago Romero:
> Hi.
> 
> I'm running out of space for my postfix's spool directory and I'm planning 
> to create a new 30GB partition and mount it over the current spool dir 
> (/var/spool/postfix).
> 
> How do I re-generate the queue after mounting the new partition and having 
> an empty /var/spool/postfix/ ?

In an off-list response, I pointed out that "postfix start" will
do this automatically.

Wietse

$ man postfix
...
   check  Warn about bad directory/file ownership or permissions, and cre-
  ate missing directories.

   start  Start  the Postfix mail system. This also runs the configuration
  check described above.



Transport Maps

2012-06-21 Thread post...@netorbit.it

Hi,

just a quick question regarding transport_maps.

I've read documentation on 
http://www.postfix.org/postconf.5.html#transport_maps, but cannot 
understand what actually happens during postfix lookups, when 
transport_maps is being specified as:


transport_maps = type:A, type:B

Would postfix query first table A and if not getting a match, moves to 
query table B ?
If the transport given by table A defers the email (eg by connection 
timeout), would postfix use the results from table B?


In my case I've

transport_maps = hash:/etc/postfix/transport, tcp:[127.0.0.1]:

The first table is just a hash: table (domain => transport), while the 
second one randomly reports a transport between a limited set, in order 
to provide outgoing random transport usage.
I'm noticing that mail which should be forcibly directed to a specific 
transport by the hash: table (and postmap -q confirms), gets after a 
defer (eg. connection timeout), moved to one of the transports provided 
by the "randomizer".


If more data is needed, I'd post main.cf and master.cf and the 
randomizing script code (very short).


Thanks in advance, for your time

Angelo









Re: Transport Maps

2012-06-21 Thread Wietse Venema
post...@netorbit.it:
> Hi,
> 
> just a quick question regarding transport_maps.
> 
> I've read documentation on 
> http://www.postfix.org/postconf.5.html#transport_maps, but cannot 
> understand what actually happens during postfix lookups, when 
> transport_maps is being specified as:
> 
> transport_maps = type:A, type:B
> 
> Would postfix query first table A and if not getting a match, moves to 
> query table B ?

Yes. Table B is queried only if the query of table A produces "not found".

> If the transport given by table A defers the email (eg by connection 
> timeout), would postfix use the results from table B?

No. Table B is queried only if the query of table A produces "not found".

This is how all *_maps features work in Postfix.

Wietse


Re: Transport Maps

2012-06-21 Thread post...@netorbit.it

On 21/06/2012 16:25, Wietse Venema wrote:


>> transport_maps is being specified as:
>>
>> transport_maps = type:A, type:B
>>
>> Would postfix query first table A and if not getting a match, moves to
>> query table B ?
>
> Yes. Table B is queried only if the query of table A produces "not found".
>
>> If the transport given by table A defers the email (eg by connection
>> timeout), would postfix use the results from table B?
>
> No. Table B is queried only if the query of table A produces "not found".
>
> This is how all *_maps features work in Postfix.
>
> Wietse

Hi Wietse,

it's just what I was expecting.
Since apparently I'm noticing a different behavior, I need to 
investigate more deeply and understand where my error lies.


Hope I don't need to disturb you again.

Have a nice day.
Angelo











Domain alias and mailbox alias conflict

2012-06-21 Thread Juan José Sánchez Mesa

Hi!

I'm new to this list.

I have a problem setting up aliases for two domains.

I have two domains: one primary domain.com and one secondary domain.net.

Primary domain has "real" mailboxes. Secondary domain has an alias for 
primary domain:


@domain.net -> @domain.com

So, mail sent to a mailbox in secondary domain, will go to the mailbox 
in primary domain.


This is working ok.

But, we setup an alias on primary domain, to forward mail to a gmail 
account:


m...@domain.com -> m...@gmail.com

This works pretty well if mail is sent to m...@domain.com. But, if we 
send an email to m...@domain.net, Postfix correctly rewrites the email to 
m...@domain.com, but then it doesn't forward to m...@gmail.com, it passes 
the mail to maildrop and is stored on disk instead of forwarded.


This cannot be accomplished ?

Domain forward and mail forward are in same table and used in 
virtual_alias_maps setting.


Any idea ?

Thanks!


Re: Domain alias and mailbox alias conflict

2012-06-21 Thread Viktor Dukhovni
On Thu, Jun 21, 2012 at 05:59:32PM +0200, Juan José Sánchez Mesa wrote:

> Primary domain has "real" mailboxes. Secondary domain has an alias
> for primary domain:

Instead of giving an anecdotal description of your configuration,
post the actual settings.

1. postconf -n output
2. Output of "postmap -q key table" commands that show
   the relevant table contents.
3. Logs for the problem transaction (all log entries for
   its queue-id).

> @domain.net -> @domain.com

Generally a bad idea: if exposed to external senders, this breaks
recipient validation and generates substantial backscatter when
your domain is subjected to a dictionary attack.

> But, we setup an alias on primary domain, to forward mail to a gmail
> account:
> 
> m...@domain.com -> m...@gmail.com
> 
> This works pretty well if mail is sent to m...@domain.com. But, if
> we send an email to m...@domain.net, Postfix correctly rewrites the
> email to m...@domain.com, but then it doesn't forward to
> m...@gmail.com, it passes the mail to maildrop and is stored on disk
> instead of forwarded.
> 
> This cannot be accomplished ?
> 
> Domain forward and mail forward are in same table and used in
> virtual_alias_maps setting.

Hard to say without any concrete configuration information.  Virtual
expansion is recursive, so when "m...@example.net" expands to
"m...@example.com" this is in-turn subjected to further virtual
alias expansion, so the issue you describe is inconsistent with
the configuration you allude to.

-- 
Viktor.


Re: Domain alias and mailbox alias conflict

2012-06-21 Thread Juan José Sánchez Mesa

> Instead of giving an anecdotal description of your configuration,
> post the actual settings.
>
> 1. postconf -n output
> 2. Output of "postmap -q key table" commands that show
>    the relevant table contents.
> 3. Logs for the problem transaction (all log entries for
>    its queue-id).



Sorry! I've attached postconf result, and log of transaction.


postmap output:

# postmap -q fe...@domain.net mysql:/usr/local/etc/postfix/mysql-alias.cf
[nothing]

# postmap -q @domain.net mysql:/usr/local/etc/postfix/mysql-alias.cf
@domain.com

# postmap -q fe...@domain.com mysql:/usr/local/etc/postfix/mysql-alias.cf
m...@gmail.com


Please, if you need more information, feel free to ask.

Thanks!
alias_database = hash:/usr/local/etc/postfix/aliases
alias_maps = hash:/usr/local/etc/postfix/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 1
default_destination_concurrency_limit = 10
disable_vrfy_command = yes
header_checks = pcre:/usr/local/etc/postfix/header_checks.pcre
home_mailbox = Maildir/
html_directory = /usr/local/share/doc/postfix
local_destination_concurrency_limit = 2
mail_owner = postfix
mail_spool_directory = /var/spool/mail
mailbox_size_limit = 0
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
message_size_limit = 0
mydestination = localhost, $myhostname
mydomain = intera5.net
myhostname = cincara.intera5.net
mynetworks = 85.52.201.127, 212.81.143.128/28, 192.168.0.0/16, 127.0.0.1
mynetworks_style = host
myorigin = $myhostname
newaliases_path = /usr/local/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/local/share/doc/postfix
recipient_bcc_maps = mysql:/usr/local/etc/postfix/mysql-bcc.cf
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_data_restrictions = reject_multi_recipient_bounce  
reject_unauth_pipelining permit
smtpd_delay_reject = yes
smtpd_etrn_restrictions = reject
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks reject_non_fqdn_recipient 
reject_unknown_recipient_domain permit_sasl_authenticated 
reject_unauth_destination
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = 
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_mynetworks reject_non_fqdn_sender 
reject_unknown_sender_domain reject_unlisted_sender permit_sasl_authenticated 
reject_unauth_destination check_client_access 
pcre:/usr/local/etc/postfix/client_checks.pcre check_helo_access   
pcre:/usr/local/etc/postfix/helo_checks.pcre check_sender_access 
pcre:/usr/local/etc/postfix/sender_checks.pcre check_client_access 
hash:/usr/local/etc/postfix/whitelist check_client_access 
hash:/usr/local/etc/postfix/eswl reject_rbl_client zen.spamhaus.org 
reject_rbl_client bl.spamcop.net reject_rbl_client b.barracudacentral.org 
reject_rbl_client psbl.surriel.com check_policy_service unix:private/tumgreyspf
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql-alias.cf
virtual_gid_maps = static:5001
virtual_mailbox_base = /intera5/mail
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql-dominios.cf
virtual_mailbox_limit = 0
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql-buzones.cf
virtual_transport = maildrop
virtual_uid_maps = static:5001
Jun 21 17:34:52 cincara postfix/smtpd[89590]: connect from 
zaragoza.intera5.net[212.81.143.133]
Jun 21 17:34:52 cincara postfix/smtpd[89590]: AFF4222857: 
client=zaragoza.intera5.net[212.81.143.133]
Jun 21 17:34:52 cincara postfix/cleanup[89596]: AFF4222857: 
message-id=<4fe33fed.30...@intera5.es>
Jun 21 17:34:52 cincara postfix/smtpd[89590]: disconnect from 
zaragoza.intera5.net[212.81.143.133]
Jun 21 17:34:52 cincara postfix/qmgr[12752]: AFF4222857: 
from=, size=1618, nrcpt=1 (queue active)
Jun 21 17:34:52 cincara postfix/pipe[89491]: AFF4222857: to=, 
orig_to=, relay=maildrop, delay=0.04, delays=0.02/0/0/0.02, 
dsn=2.0.0, status=sent (delivered via maildrop service)
Jun 21 17:34:52 cincara postfix/qmgr[12752]: AFF4222857: removed


Re: Domain alias and mailbox alias conflict

2012-06-21 Thread Viktor Dukhovni
On Thu, Jun 21, 2012 at 06:40:42PM +0200, Juan José Sánchez Mesa wrote:

> postmap output:
> 
> # postmap -q fe...@domain.net mysql:/usr/local/etc/postfix/mysql-alias.cf
> [nothing]
> 
> # postmap -q @domain.net mysql:/usr/local/etc/postfix/mysql-alias.cf
> @domain.com
> 
> # postmap -q fe...@domain.com mysql:/usr/local/etc/postfix/mysql-alias.cf
> m...@gmail.com

The cleanup(8) service performs virtual aliasing recursively on
input. In your case it mapped (munged domains) fe...@domain.net to
fe...@domain.com, and the latter was the last mapping. Therefore,
either the cleanup service in master.cf has overrides for some of
the reported parameters, or your tests above don't accurately
represent the actual addresses queried.

You can add a "-v" option to the cleanup service to log its activity
in detail.

> virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql-alias.cf

> Jun 21 17:34:52 cincara postfix/smtpd[89590]: AFF4222857: 
> client=zaragoza.intera5.net[212.81.143.133]
> Jun 21 17:34:52 cincara postfix/cleanup[89596]: AFF4222857: 
> message-id=<4fe33fed.30...@intera5.es>
> Jun 21 17:34:52 cincara postfix/qmgr[12752]: AFF4222857: 
> from=, size=1618, nrcpt=1 (queue active)
> Jun 21 17:34:52 cincara postfix/pipe[89491]: AFF4222857: 
> to=, orig_to=, relay=maildrop, 
> delay=0.04, delays=0.02/0/0/0.02, dsn=2.0.0, status=sent (delivered via 
> maildrop service)
> Jun 21 17:34:52 cincara postfix/qmgr[12752]: AFF4222857: removed

The final recipient address was not found in the virtual(5) table or
mapped to itself.

-- 
Viktor.
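
The two points made in the replies in this thread (virtual alias expansion is recursive, and a domain-wide @domain.net -> @domain.com entry defeats recipient validation), modelled as an added example that is not part of any post and is not Postfix code. All addresses, tables and function names are constructed assumptions; the lookup order is a simplified reading of virtual(5) that ignores address extensions and bare-user lookups.

```python
# Added illustration, not Postfix code: simplified virtual(5) lookup and
# recursive expansion. Every address and table below is constructed.

LOCAL_DOMAINS = {"example.com"}                       # domain with real mailboxes
MAILBOXES = {"alice@example.com", "bob@example.com"}  # stand-in for mailbox maps

WILDCARD = {                       # same shape as the table described in the thread
    "@example.net": ["@example.com"],
    "alice@example.com": ["alice@mail.example.org"],
}
PER_USER = {                       # one entry per valid address, no wildcard
    "alice@example.net": ["alice@example.com"],
    "bob@example.net": ["bob@example.com"],
    "alice@example.com": ["alice@mail.example.org"],
}


def lookup(table, addr):
    """Try user@domain first, then the @domain wildcard (lowest precedence)."""
    user, _, domain = addr.rpartition("@")
    if addr in table:
        return list(table[addr])
    hit = table.get("@" + domain)
    if hit is None:
        return None
    result = list(hit)
    if result[0].startswith("@"):   # an "@other" result keeps the local part
        result[0] = user + result[0]
    return result


def expand(table, addr, depth=0, limit=50):
    """Expand recursively; stop at addresses with no entry or mapped to themselves."""
    if depth > limit:
        raise RuntimeError("alias recursion limit reached at " + addr)
    result = lookup(table, addr)
    if result is None:
        return [addr]
    final = []
    for target in result:
        if target == addr:
            final.append(target)
        else:
            final.extend(expand(table, target, depth + 1, limit))
    return final


def verdict(table, rcpt):
    """'reject' during SMTP, otherwise what happens after acceptance."""
    if lookup(table, rcpt) is None and rcpt not in MAILBOXES:
        return "reject"             # unknown recipient refused up front
    for final in expand(table, rcpt):
        if final.rpartition("@")[2] in LOCAL_DOMAINS and final not in MAILBOXES:
            return "bounce"         # accepted first, non-delivery report later
    return "deliver"


if __name__ == "__main__":
    print(expand(WILDCARD, "alice@example.net"))     # follows both mappings
    print(verdict(WILDCARD, "nosuchuser@example.net"))
    print(verdict(PER_USER, "nosuchuser@example.net"))
```

In this model the wildcard table accepts every local part in the alias domain and can only bounce it afterwards, while the per-user table refuses the unknown recipient during the SMTP session.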


problem talking to server private/tlsmgr: Resource temporarily unavailable

2012-06-21 Thread micah anderson

I'm running a busy server that is periodically experiencing problems
with tlsmgr, at various times (typically once a day at minimum), the
following appears in the logs:

Jun 16 07:34:40 willet postfix/smtp[24449]: warning: connect to private/tlsmgr: 
Resource temporarily unavailable
Jun 16 07:34:40 willet postfix/smtp[24449]: warning: problem talking to server 
private/tlsmgr: Resource temporarily unavailable

(repeated)

this sometimes results in mailer-daemon bounces to postmaster with the
SMTP protocol messages including "TLS unavailable due to local
problem". Typically mail is working fine, and TLS connections work
normally, with this happening every once and a while. 

This is using postfix version: 2.7.1-1+squeeze1, what follows is the
postconf -n output, as well as the master.cf:

# postconf -n
alias_database = hash:$maps_dir/aliases
alias_maps = 
hash:$maps_dir/aliases,mysql:$maps_dir/mysql_aliases.cf,pcre:$maps_dir/bounce.pcre
allow_percent_hack = no
biff = no
body_checks = pcre:$checks_dir/body_checks
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
data_directory = /var/lib/postfix
default_privs = mail
default_process_limit = 200
disable_vrfy_command = yes
inet_interfaces = all
local_recipient_maps = $alias_maps, proxy:unix:passwd.byname
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
maximal_backoff_time = 4h
maximal_queue_lifetime = 5d
message_size_limit = 512
milter_default_action = accept
mime_header_checks = pcre:$checks_dir/mime_header_checks
mydestination = $myhostname, $myorigin, localhost.$mydomain, localhost, 
lists.riseup.net
mydomain = xxx.net
myhostname = willet.xxx.net
mynetworks = x.x.x.0/24,x.x.x.x.0/24,   127.0.0.0/8
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
rbl_reply_maps = hash:$maps_dir/dnsbl-reply-map
readme_directory = no
recipient_delimiter = +
relayhost = outmx..net
sample_directory = /etc/postfix/samples
sender_dependent_relayhost_maps = pcre:$maps_dir/sender_relayhost.pcre
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
show_user_unknown_table_name = no
smtp_connect_timeout = 10s
smtp_destination_concurrency_limit = 140
smtp_destination_recipient_limit = 200
smtp_helo_timeout = 100s
smtp_tls_CAfile = /etc/certs/roots/wildcard.pem
smtp_tls_CApath = /etc/ssl/certs/
smtp_tls_cert_file = /etc/certs/wildcard/cert.pem
smtp_tls_exclude_ciphers = aNULL, MD5, DES
smtp_tls_fingerprint_digest = sha1
smtp_tls_key_file = /etc/certs/wildcard/key.pem
smtp_tls_loglevel = 1
smtp_tls_mandatory_exclude_ciphers = aNULL, MD5, DES
smtp_tls_policy_maps = hash:$maps_dir/tls_policy
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_scache
smtpd_banner = $myhostname ESMTP (spam is not appreciated)
smtpd_client_connection_count_limit = 20
smtpd_client_restrictions = permit_mynetworks,  check_client_access 
cidr:$checks_dir/client_whitelist.cidr, reject_rbl_client zen.dnsbl,
permit
smtpd_data_restrictions = permit_mynetworks,reject_unauth_pipelining,   
permit
smtpd_delay_reject = yes
smtpd_error_sleep_time = 0
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,reject_invalid_helo_hostname,   
reject_non_fqdn_helo_hostname,  check_helo_access hash:$checks_dir/helo_checks, 
permit
smtpd_milters = 
unix:/var/run/clamav/milter.ctl,unix:/var/spool/postfix/spamass/spamass.sock
smtpd_recipient_restrictions = reject_unknown_recipient_domain, 
permit_mynetworks,  reject_unauth_destination,  permit
smtpd_sender_restrictions = check_sender_access hash:$checks_dir/sender_access, 
   permit_mynetworks,   reject_non_fqdn_sender, 
reject_unknown_sender_domain,   permit
smtpd_tls_CAfile = /etc/certs/roots/wildcard.pem
smtpd_tls_ask_ccert = yes
smtpd_tls_cert_file = /etc/certs/wildcard/cert.pem
smtpd_tls_dh1024_param_file = /etc/certs/dh_1024.pem
smtpd_tls_dh512_param_file = /etc/certs/dh_512.pem
smtpd_tls_exclude_ciphers = aNULL, MD5, DES
smtpd_tls_fingerprint_digest = sha1
smtpd_tls_key_file = /etc/certs/wildcard/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
smtpd_tls_session_cache_timeout = 28800
swap_bangpath = no
tls_random_exchange_name = /var/lib/postfix/prng_exch


1 willet:/home/micah# cat /etc/postfix/master.cf |egrep -v ^#
smtp  inet  n   -   n   -   -   smtpd
smtps inet  n   -   n   -   -   smtpd -o 
smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
pickupfifo  n   -   -   60  1   pickup
cleanup   unix  n   -   n   -   0   cleanup
qmgr  fifo  n   -   n   300 1   qmgr
tlsmgrunix  -   -   n   1500?   1   tlsmgr
rewrite   unix  -   -   -   -   -   trivial-rewrite
bounc

Re: problem talking to server private/tlsmgr: Resource temporarily unavailable

2012-06-21 Thread Patrick Ben Koetter
* micah anderson :
> 
> I'm running a busy server that is periodically experiencing problems
> with tlsmgr, at various times (typically once a day at minimum), the
> following appears in the logs:
> 
> Jun 16 07:34:40 willet postfix/smtp[24449]: warning: connect to 
> private/tlsmgr: Resource temporarily unavailable
> Jun 16 07:34:40 willet postfix/smtp[24449]: warning: problem talking to 
> server private/tlsmgr: Resource temporarily unavailable
> 
> (repeated)
> 
> this sometimes results in mailer-daemon bounces to postmaster with the
> SMTP protocol messages including "TLS unavailable due to local
> problem". Typically mail is working fine, and TLS connections work
> normally, with this happening every once and a while. 
> 
> This is using postfix version: 2.7.1-1+squeeze1, what follows is the
> postconf -n output, as well as the master.cf:

Running a virtualized system and running out of random?

# apt-get install haveged

p@rick


-- 
All technical questions asked privately will be automatically answered on the
list and archived for public access unless privacy is explicitly required and
justified.

saslfinger (debugging SMTP AUTH):



Re: problem talking to server private/tlsmgr: Resource temporarily unavailable

2012-06-21 Thread Wietse Venema
micah anderson:
> 
> I'm running a busy server that is periodically experiencing problems
> with tlsmgr, at various times (typically once a day at minimum), the
> following appears in the logs:
> 
> Jun 16 07:34:40 willet postfix/smtp[24449]: warning: connect to 
> private/tlsmgr: Resource temporarily unavailable

Your kernel runs out of resources.  Reduce Postfix process limits,
or get a bigger/faster machine.

> alias_maps = 
> hash:$maps_dir/aliases,mysql:$maps_dir/mysql_aliases.cf,pcre:$maps_dir/bounce.pcre

You may save some file resources when you use proxy:mysql instead of mysql.

Wietse


Re: problem talking to server private/tlsmgr: Resource temporarily unavailable

2012-06-21 Thread micah anderson
Patrick Ben Koetter  writes:

> * micah anderson :
>> 
>> I'm running a busy server that is periodically experiencing problems
>> with tlsmgr, at various times (typically once a day at minimum), the
>> following appears in the logs:
>> 
>> Jun 16 07:34:40 willet postfix/smtp[24449]: warning: connect to 
>> private/tlsmgr: Resource temporarily unavailable
>> Jun 16 07:34:40 willet postfix/smtp[24449]: warning: problem talking to 
>> server private/tlsmgr: Resource temporarily unavailable
>> 
>> (repeated)
>> 
>> this sometimes results in mailer-daemon bounces to postmaster with the
>> SMTP protocol messages including "TLS unavailable due to local
>> problem". Typically mail is working fine, and TLS connections work
>> normally, with this happening every once and a while. 
>> 
>> This is using postfix version: 2.7.1-1+squeeze1, what follows is the
>> postconf -n output, as well as the master.cf:
>
> Running a virtualized system and running out of random?

No, it's not virtualized.

> # apt-get install haveged

Not only am I already running haveged, but I have an entropykey feeding
as well. I graph the entropy on the system and it maintains an average
of 2kbytes dipping down to 960bytes at worst.

thanks for the suggestion!

micah