clarification about missing LMTP_README file

2012-07-22 Thread mailing list subscriber
Ok, this¹ has been raised over a few times in the past, but I'm not
satisfied with the answer (referral to man page of lmtp/smtp instead
of idiot-proof narrative version like other *_README howtos).
1. Do the cached file contents still apply to current release version
of postfix?
2. If yes, why is it retired/not present as
http://www.postfix.org/LMTP_README.html?
3. If not, why isn't there the updated version?

Cheers
___
¹ http://nixforums.org/about29845-lmtp_readme.html
http://marc.info/?l=postfix-users&m=110442875921891

² https://www.google.com/search?q=lmtp_readme


Re: clarification about missing LMTP_README file

2012-07-22 Thread /dev/rob0
On Sun, Jul 22, 2012 at 11:01:20AM +0300, mailing list subscriber 
   wrote:
> Ok, this¹ has been raised over a few times in the past, but I'm
> not satisfied with the answer (referral to man page of lmtp/smtp 
> instead of idiot-proof narrative version like other *_README 
> howtos).
> 1. Do the cached file contents still apply to current release 
> version of postfix?
> 2. If yes, why is it retired/not present as
> http://www.postfix.org/LMTP_README.html?
> 3. If not, why isn't there the updated version?
> 
> Cheers
> ___
> ¹ http://nixforums.org/about29845-lmtp_readme.html
> http://marc.info/?l=postfix-users&m=110442875921891
> 
> ² https://www.google.com/search?q=lmtp_readme

As Victor pointed out in the referenced thread, the most similar 
document presently supported would be MAILDROP_README. Frankly I'm 
not sure that MAILDROP_README is appropriate in Postfix 
documentation.[1] Dovecot's "deliver" LDA is probably more widely 
used now.

I didn't carefully pick over the retired LMTP_README, but I did see 
mention of virtual_maps therein, which gives a clue as to its 
vintage, pre-Postfix 2.0.

The big difference between LMTP and Courier Maildrop (or Dovecot LDA) 
delivery is that LMTP is a network process, more like 
ADDRESS_CLASS_README.html#relay_domain_class , whereas maildrop & 
deliver are commands invoked for receipt of mail.

The way I would implement LMTP (which I have not yet done, but I am 
sure I'll do eventually, for a customer if not for my own site) is as 
a relay domain, with that domain listed in transport_maps:

sqlite = sqlite:$config_directory/query
relay_domains = $sqlite/relay_dom.query
transport_maps = $sqlite/transport.query

$ postmap -q example.net sqlite:/etc/postfix/query/relay_dom.query
example.net
$ postmap -q example.net sqlite:/etc/postfix/query/transport.query
lmtp:example.net.rob0
$ dig +short mx example.net.rob0
0 localhost.

And my LMTP listener on localhost would be configured to accept and 
deliver mail for example.net addresses. That part would be out of 
scope for Postfix, depending on the LMTP/imapd implementation.

Bottom line: I think LMTP is covered well enough in README documents 
as is. If I was to suggest a new README it would be called 
TRANSPORT_README, and it would cover the concept of transport(5) in 
Postfix. The transport(5) manual is good, but it could be augmented 
with some high-level examples and illustrations of the various knobs 
available, e.g. transport_* postconf(5) settings. My idea of a 
TRANSPORT_README would show transports being used for delivery of 
your own mail as well as their use for external sending.

If I had time I would start on a rough draft thereof. :) Lucky for 
me, I've had some work lately. (Maybe in the fall I can get to it.)

For the OP, whom I guess is considering LMTP delivery, I would 
suggest concentrating on understanding address classes and the 
transport(5) manual.



[1] That said, I would hate to see MAILDROP_README go, because it 
credits our late friend and list participant, Tonni Earnshaw. :)
-- 
  http://rob0.nodns4.us/ -- system administration and consulting
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:


Re: how to relay mails from outbound instance ?

2012-07-22 Thread mouss
On 21/07/2012 14:32, Naval saini wrote:
> I have changed it with smtp_bind_address = y.y.y.y
> now i want to know how i can check it by sending a mail or should i
> configure a null client also.?
> 


postfix comes with a sendmail command.

$ sendmail -f sender@yoursytem recipient@someotherplace
Subject: test

test
.


then check the headers of received message.


PS. please:
- do not top post. put your reply after the text you reply to. Google
for "top posting" to see why etc.
- keep the discussion on the list. this will give you more chances to
get an answer from the so many members



> 
> On Sat, Jul 21, 2012 at 3:56 PM, mouss  wrote:
> 
>> On 20/07/2012 14:52, Naval saini wrote:
>>>
>>> I have created postfix-out1 instance on centos 6.3 server which has 3
>>> different IP-address 3 different Hostname now both default postfix and
>>> postfix-out1 instance running.
>>> Hostname=r09.example.com which have IP=x.x.x.x  and i want postfix-out1
>>> instance send all mails from Hostname=r09a.example.com which have
>>> IP=y.y.y.y.
>>> my server currently showing hostname=r09.example.com with IP=x.x.x.x
>>> In /etc/postfix-out1/main.cf
>>> hostname=r09a.example.com
>>> domainname=example.com
>>> inet_interfaces =y.y.y.y
>>> relay_domains =example.com
>>> multi_instance_group = mta
>>> multi_instance_name = postfix-out1
>>> multi_instance_enable = no
>>> master_service_disable = " "
>>> authorized_submit_users =root
>>> smtpd_authorized_xforward_hosts = $mynetworks
>>> smtpd_client_connection_count_limit = 0
>>> smtpd_client_event_limit_exceptions = $mynetworks
>>> smtp_bind_address = 0.0.0.0
>>> local_header_rewrite_clients =
>>> alias_maps =
>>> alias_database =
>>> local_recipient_maps =
>>> local_transport = error:5.1.1 Mailbox unavailable
>>> recipient_delimiter = +
>>> smtpd_recipient_restrictions = permit_mynetworks
>>> smtpd_timeout = 1200s
>>> smtpd_client_port_logging = no
>>>
>>>
>>> /etc/postfix-out1/master.cf
>>> 127.0.0.1:10026  inet  n   -   n   -   -   smtpd
>>>
>>> Now please tell me what configuration i have to make to send mails from
>>> r09a.example.com with IP=y.y.y.y  ?
>>>
>>
>> remove smtp_bind_address. or set it to y.y.y.y
>> if it is set to 0.0.0.0., then it is your kernel which selects the
>> source IP (based on the destination IP).
>>
>>
>>
> 



check_client_access

2012-07-22 Thread Tolga

Hi,

I have put line in my main.cf

check_client_access = cidr:/etc/postfix/sinokorea.cidr

I then restarted postfix, but I can't see it in postconf -n. How come?

For reference: my postconf -n output is:

[root@vps ~]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = localhost
myhostname = mail.bilgisayarciniz.org
mynetworks = 127.0.0.0/8 127.0.0.2/32 109.232.0.0/16
myorigin = /etc/mailname
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relayhost =
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_sasl_authenticated,  
permit_mynetworks,  reject_unauth_destination,  
reject_non_fqdn_hostname,  reject_non_fqdn_sender,  
reject_non_fqdn_recipient,  reject_unauth_pipelining,  
reject_invalid_hostname,  reject_rbl_client sbl.spamhaus.org,  
reject_rbl_client xbl.spamhaus.org

smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /srv/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 100
virtual_transport = virtual
virtual_uid_maps = static:5000

Regards,


Re: clarification about missing LMTP_README file

2012-07-22 Thread Wietse Venema
mailing list subscriber:
> Ok, this¹ has been raised over a few times in the past, but I'm not
> satisfied with the answer (referral to man page of lmtp/smtp instead
> of idiot-proof narrative version like other *_README howtos).

As documented the LMTP and SMTP client are part of the same program.
The clients have identical behavior unless documented otherwise or
required by Internet RFCs.

This change was made 20051208, more than seven years ago.

Wietse

SMTP(8)                                                                SMTP(8)

NAME
   smtp - Postfix SMTP+LMTP client
...
DESCRIPTION
   The Postfix SMTP+LMTP client implements the SMTP and LMTP mail delivery
   protocols. It processes message delivery requests from the  queue  man-
   ager.
...
CONFIGURATION PARAMETERS
   Before  Postfix version 2.3, the LMTP client is a separate program that
   implements only a subset of  the  functionality  available  with  SMTP:
   there  is  no  support  for TLS, and connections are cached in-process,
   making it ineffective when the client is used for multiple domains.

   Most smtp_xxx configuration parameters have an lmtp_xxx "mirror" param-
   eter  for  the  equivalent  LMTP  feature. This document describes only
   those LMTP-related parameters that aren't simply "mirror" parameters.


Re: clarification about missing LMTP_README file

2012-07-22 Thread Wietse Venema
/dev/rob0:
> The way I would implement LMTP (which I have not yet done, but I am 
> sure I'll do eventually, for a customer if not for my own site) is as 
> a relay domain, with that domain listed in transport_maps:

This is not relaying, instead this is final delivery. I would
therefore suggest a final delivery address class. The virtual_mailbox
class would be most natural for this.

/etc/postfix/main.cf:
virtual_mailbox_domains = the list domains
virtual_transport = the lmtp transport
virtual_mailbox_maps = the list of users

You aren't using the Postfix virtual(8) delivery agent. Therefore
Postfix uses virtual_mailbox_maps only to look up the recipient,
and it doesn't matter what the lookup result looks like. That makes
virtual_mailbox_maps remarkably similar to relay_recipient_maps.

transport_maps are not needed for this (they would be needed for
destinations that require local(8) or pipe(8) features).

I think that virtual_mailbox_maps needs to be documented better, 
for use cases like the one shown above.

Wietse
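
A simplified model, added here as an example (not Postfix code and not written by either poster), of how the two layouts in this thread resolve a recipient: the relay class with a transport_maps entry versus the virtual_mailbox class with virtual_transport. The recipient addresses and the `lmtp:unix:private/lmtp-sample` transport value are constructed, and only these two address classes are modelled.

```python
# Simplified model of two Postfix address classes; illustration only, not Postfix code.
# (class, domain list parameter, default transport parameter, recipient map parameter)
CLASSES = [
    ("virtual mailbox", "virtual_mailbox_domains", "virtual_transport", "virtual_mailbox_maps"),
    ("relay", "relay_domains", "relay_transport", "relay_recipient_maps"),
]

def resolve(cfg, rcpt):
    """Return (address class, transport, accepted) for one recipient."""
    rcpt = rcpt.lower()
    domain = rcpt.rsplit("@", 1)[1]
    for name, dom_param, tr_param, map_param in CLASSES:
        if domain not in cfg.get(dom_param, set()):
            continue
        # A transport_maps entry, when present, overrides the class default.
        transport = cfg.get("transport_maps", {}).get(domain, cfg[tr_param])
        rcpt_map = cfg.get(map_param)
        # An empty or unset recipient map disables recipient validation:
        # every address in the domain is accepted and handed to the transport.
        accepted = True if not rcpt_map else rcpt in rcpt_map
        return name, transport, accepted
    return "default", cfg.get("default_transport", "smtp"), True

# Layout from the first reply: relay class plus a transport_maps entry.
RELAY_LAYOUT = {
    "relay_domains": {"example.net"},
    "relay_transport": "relay",                              # Postfix default value
    "transport_maps": {"example.net": "lmtp:example.net.rob0"},
}
# Layout from the second reply: virtual_mailbox class, no transport_maps.
VIRTUAL_LAYOUT = {
    "virtual_mailbox_domains": {"example.net"},
    "virtual_transport": "lmtp:unix:private/lmtp-sample",    # constructed value
    "virtual_mailbox_maps": {"alice@example.net"},           # constructed user
}

if __name__ == "__main__":
    for layout in (RELAY_LAYOUT, VIRTUAL_LAYOUT):
        for rcpt in ("alice@example.net", "nobody@example.net"):
            print(rcpt, resolve(layout, rcpt))
```

In the relay layout no relay_recipient_maps is set, so mail for unknown addresses is accepted and only refused later by the LMTP server; the virtual_mailbox layout refuses it at SMTP time.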


Re: check_client_access

2012-07-22 Thread Wietse Venema
Tolga:
> Hi,
> 
> I have put line in my main.cf
> 
> check_client_access = cidr:/etc/postfix/sinokorea.cidr

In Postfix 2.9, this will result in a warning:

postconf: warning: /etc/postfix/main.cf: unused parameter: 
check_client_access=cidr:/etc/postfix/sinokorea.cidr

And indeed check_client_access is not a parameter name. Instead, it
is used inside smtpd_recipient(etc) restrictions.

Wietse
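
Postfix releases before 2.9 give no warning for this mistake, so the access map is simply never consulted. The check below is an added example (not part of the thread and not Postfix code) that scans main.cf text for `check_*_access` names used as parameters and lists the access maps that are actually referenced from an smtpd restriction list. The sample main.cf is constructed from the line quoted above, and the `sample_clients.cidr` path is made up.

```python
import re

# Parameters whose values are restriction lists (where check_*_access belongs).
RESTRICTION_LISTS = re.compile(
    r"^smtpd_(client|helo|sender|relay|recipient|data|end_of_data|etrn)_restrictions$")
CHECK_ACCESS = re.compile(r"^check_\w+_access$")

def logical_lines(text):
    """Join main.cf continuation lines (leading whitespace); skip comments and blanks."""
    current = None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and current is not None:
            current += " " + raw.strip()
        else:
            if current is not None:
                yield current
            current = raw.strip()
    if current is not None:
        yield current

def lint_main_cf(text):
    """Return (misplaced, enforced).
    misplaced: check_*_access written as a parameter name, which Postfix ignores.
    enforced:  (restriction list, check name, map) triples that are really in use."""
    misplaced, enforced = [], []
    for line in logical_lines(text):
        name, _, value = line.partition("=")
        name, value = name.strip(), value.strip()
        if CHECK_ACCESS.match(name):
            misplaced.append((name, value))
        elif RESTRICTION_LISTS.match(name):
            tokens = re.split(r"[,\s]+", value)
            enforced += [(name, tok, table) for tok, table in zip(tokens, tokens[1:])
                         if CHECK_ACCESS.match(tok)]
    return misplaced, enforced

# Constructed sample: the misplaced line from the thread plus a correct usage.
SAMPLE = """\
check_client_access = cidr:/etc/postfix/sinokorea.cidr
smtpd_recipient_restrictions = permit_sasl_authenticated,
  permit_mynetworks, reject_unauth_destination,
  check_client_access cidr:/etc/postfix/sample_clients.cidr
"""

if __name__ == "__main__":
    print(lint_main_cf(SAMPLE))
```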


Re: check_client_access

2012-07-22 Thread Tolga



On 07/22/2012 03:12 PM, Wietse Venema wrote:
> Tolga:
>> Hi,
>>
>> I have put line in my main.cf
>>
>> check_client_access = cidr:/etc/postfix/sinokorea.cidr
>
> In Postfix 2.9, this will result in a warning:
>
> postconf: warning: /etc/postfix/main.cf: unused parameter: 
> check_client_access=cidr:/etc/postfix/sinokorea.cidr
>
> And indeed check_client_access is not a parameter name. Instead, it
> is used inside smtpd_recipient(etc) restrictions.
>
> Wietse

Thanks Wietse :)


Re: prevent archiving SPAM mails

2012-07-22 Thread mouss
On 19/07/2012 10:23, Nalinda Herath wrote:
> In my current setup, server will not discard any mail even though they are
> tagged as SPAM. all the spam mails are routed to the junk folder's of each
> user. According to our policy, we cannot discard any mail, and users are
> allowed to check whether any mail has been accidentally tagged as SPAM.
> 
> We simply BCC the emails which are received to the server by setting
> always_bcc = 
> 


how do you deliver the archived mail? if it's via an LDA such as dovecot
or maildrop or procmail, you can create a rule to discard mail which has
a header that says it's spam (X-Spam-Flag: YES).

if you want that in postfix, then you need to do some work.

[multiple instances of postfix]
if you accept to run multiple instances (run postfix multiple times,
with different configurations etc), then make use of a specific domain for
the archive (for example: archive.example.com), then use transport maps
to direct such mail to its own instance. and in this instance, use
header_checks to discard mail tagged as spam.


[in a single instance]
with a single instance, you can't use routing (transport_maps) because
transport_maps is global to an instance, and you don't want to create a
loop. but you can create a dedicated smtpd listener.
here is an example:

1- use a different domain for mail archiving. but instead of always_bcc,
I'll recommend using recipient_bcc_maps:
recipient_bcc_maps = pcre:/etc/postfix/recipient_bcc.pcre

then in recipient_bcc.pcre, something like
/(.*)@example\.com$/bcc+$1...@archive.example.com

add an expression for any domain you want to archive mail for.

side benefit: you have the original recipient in the bcc address!
(this assumes you have recipient_delimiter = +).


2- In your after-the-filter smtpd (assuming you are using a filter such
as amavisd-new), add a check_recipient_access to pass such mail to a
specific smtpd (that you need to add):
...
...
check_recipient_access hash:/etc/postfix/filter_bcc.hash

and in filter_bcc.hash:

archive.example.com     FILTER filter:[127.0.0.1]:10624
.archive.example.com    FILTER filter:[127.0.0.1]:10624

(here, I assume you start an smtpd on 10624 for such mail, and I assume
you defined a filter named "filter". this may be the same as you use to
pass your mail to your "standard" filter).

3- for the smtpd on 10624, create a cleanup service that uses a
check_headers to do
/^X\-Spam\-Flag: YES/   DISCARD


PS. instead of discarding such spam, better deliver it to a special
account which is purged more often. this gives you a chance to
re-archive a message if someone says it was a false positive... etc.
(and it gives you the content if someone claims it is a false positive
but you don't agree. of course, reading other people's mail requires
their consent and/or support by your local policy. but you almost always
can run a script to parse the Received headers and show that the message
passed via bad networks, without ever touching the body...).
debating this is however off-topic here. I only wanted you to know that
this is a possibility...

> I need some workaround to prevent archiving mails tagged as spam by
> Spamassassin.
> 
> Regards,
> Nalinda
> 
> 
> 
> On Wed, Jul 18, 2012 at 10:22 PM, Noel Jones  wrote:
> 
>> On 7/18/2012 11:22 AM, Nalinda Herath wrote:
>>> Hi all,
>>>
>>> Recently I have integrated spamassassin to my existing postfix
>>> system. But now I need to tune  my archiving settings in postfix to
>>> prevent from archiving mails tagged as spam.
>>>
>>> It will be really helpful If someone can help me on this. Thanks.
>>>
>>> Regards,
>>> Nalinda
>>>
>>> --
>>> Regards,
>>> Nalinda
>>>
>>>
>>
>>
>> General procedure -- apply anti-spam and anti-virus before the
>> archiving procedure.
>>
>> One way to do this is to run spamassassin in a pre-queue
>> smtpd_proxy_filter or milter so only clean mail enters postfix.  Or
>> with a traditional postfix after queue content_filter, do your
>> archiving in the after-filter postfix instance.
>>
>> If you need a more specific answer, you'll need to share full
>> details of your postfix setup, your archiving procedure, and how
>> you've integrated spamassassin.
>> http://www.postfix.org/DEBUG_README.html#mail
>>
>>
>>   -- Noel Jones
>>
> 
> 
> 



Re: RV: problems again

2012-07-22 Thread mouss
On 19/07/2012 12:36, Tomas Garijo (Click) wrote:
> Hi to all thank you Tom
> 
> I know where is the problem.
> 
> I have Colt Telecom by Internet provider, from two week ago, we have a 
> packets lost with any  site of italy. Colt not  know because occurs but they 
> know in where is the problem, they opened a ticket with Internet Italy, but 
> they have not response from them.
> 
> My dns is inside range of address that blocked and the smtp cannot consults 
> my dns and reject de my mail, but only the smtp that do this comprobation.
> 
> I have configure my dns outside my company.
> 

as Viktor said, you still have a DNS issue. see
http://www.intodns.com/e-surland.com
http://www.dnssy.com/report.php?q=e-surland.com
etc.