How to prevent 1st filter from being overridden by 2nd filter
Hi, We have a number of lookups that are performed against all incoming messages. smtpd_recipient_restrictions applies a FILTER based on the recipient address header_checks applies a FILTER based on the contents of the header lines If the recipient address FILTER is triggered, is there any way of preventing the header_checks filter from being applied, and effectively overriding the 1st FILTER? The only thing I can think of is to have 2 separate instances, but I would like to try and avoid this if possible, or put the messages on HOLD if the recipient address is triggered. Thanks, Robin
RE: Duplicate emails
Hi, I set up an owner-listname alias. This is my "postconf" output. [/etc/postfix]# postconf -d | egrep -i alias alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases, nis:mail.aliases allow_mail_to_commands = alias, forward allow_mail_to_files = alias, forward expand_owner_alias = no local_recipient_maps = proxy:unix:passwd.byname $alias_maps newaliases_path = /usr/bin/newaliases proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $sender_bcc_maps $recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps unknown_virtual_alias_reject_code = 550 virtual_alias_domains = $virtual_alias_maps virtual_alias_expansion_limit = 1000 virtual_alias_maps = $virtual_maps virtual_alias_recursion_limit = 1000 I send a test email from "sen...@xxx.xx" to "al...@.xxx.xx". "alias" is configured in Postfix with two users "user1" and "user2": [/etc/postfix]# cat /etc/aliases alias:user1,user2 "user1" has the full quota. I check the email is queued with an error: [/etc/postfix]# mailq 2CBC12028C 521 Wed Apr 1 18:19:01 sen...@xxx.xx (temporary failure) us...@xxx.xx al...@xxx.xx And check Postfix logs: [/etc/postfix]# /var/log/maillog postfix/local[16878]: 9A8C2203DD: to=, orig_to=, relay=local, delay=594, delays=594/0/0/0.03, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -t -a "$EXTENSION" DEFAULT=$HOME/Maildir/ MAILDIR=$HOME/Maildir) postfix/local[16878]: 9A8C2203DD: to=, orig_to=, relay=local, delay=594, delays=594/0/0/0.12, dsn=4.3.0, status=deferred (temporary failure) -Mensaje original- De: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] En nombre de Wietse Venema Enviado el: miércoles, 01 de abril de 2015 22:14 Para: Postfix users Asunto: Re: Duplicate emails Antonio Alberola: > Hello, > > I have a Little problem with duplicate emails. > In my system I configure quota server for Maildir disk. When an email > is sent to an alias who contains a user with a full quota, this email > is queued and the rest of recipients gets a duplicate email. > > As can I do that only the recipient with the full quota, receive the > queued email. You need to set up an owner-listname alias. Wietse ALIASES(5) ALIASES(5) ... The format of the alias database input file is as follows: o An alias definition has the form name: value1, value2, ... ... In addition, when an alias exists for owner-name, delivery diagnostics are directed to that address, instead of to the originator of the mes- sage. The presence of the owner-name alias also prevents Postfix from doing what you describe above. Wietse
Re: How to prevent 1st filter from being overridden by 2nd filter
robin.wakefi...@ubs.com: > Hi, > > We have a number of lookups that are performed against all incoming messages. > > smtpd_recipient_restrictions applies a FILTER based on the recipient address > header_checks applies a FILTER based on the contents of the header lines > > If the recipient address FILTER is triggered, is there any way of > preventing the header_checks filter from being applied, and > effectively overriding the 1st FILTER? The only thing I can think > of is to have 2 separate instances, but I would like to try and > avoid this if possible, or put the messages on HOLD if the recipient > address is triggered. The precedence is not configurable. With multiple FILTER actions (regardless of their origin) the last one takes effect. header_checks are not meant to be a super-precise feature, so this is unlikely to change. The control that you need may be better implemented with for example amavisd policy banks. Wietse
Re: Duplicate emails
Antonio Alberola: [ Charset ISO-8859-1 converted... ] > Hi, > > I set up an owner-listname alias. This is my "postconf" output. You provide no proof of message DUPLICATION. Wietse
RE: Duplicate emails
Sorry, This is the first entry in the log. Apr 1 18:19:01 smail postfix/local[21223]: 2CBC12028C: to=, orig_to=, relay=local, delay=0.18, delays=0.11/0.03/0/0.04, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -t -a "$EXTENSION" DEFAULT=$HOME/Maildir/ MAILDIR=$HOME/Maildir) Apr 1 18:19:01 smail postfix/local[21223]: 2CBC12028C: to=, orig_to=, relay=local, delay=0.24, delays=0.11/0.03/0/0.1, dsn=4.3.0, status=deferred (temporary failure) And these are the rest of attempts to deliver the email. Apr 1 18:28:47 smail postfix/local[21223]: 2CBC12028C: to=, orig_to=, relay=local, delay=587, delays=587/0/0/0.02, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -t -a "$EXTENSION" DEFAULT=$HOME/Maildir/ MAILDIR=$HOME/Maildir) Apr 1 18:28:47 smail postfix/local[21223]: 2CBC12028C: to=, orig_to=, relay=local, delay=587, delays=587/0/0/0.1, dsn=4.3.0, status=deferred (temporary failure) Apr 1 18:42:46 smail postfix/local[25729]: 2CBC12028C: to=, orig_to=, relay=local, delay=1425, delays=1425/0/0/0.03, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -t -a "$EXTENSION" DEFAULT=$HOME/Maildir/ MAILDIR=$HOME/Maildir) Apr 1 18:42:46 smail postfix/local[25729]: 2CBC12028C: to=, orig_to=, relay=local, delay=1425, delays=1425/0/0/0.12, dsn=4.3.0, status=deferred (temporary failure) Apr 1 19:07:46 smail postfix/local[28569]: 2CBC12028C: to=, orig_to=, relay=local, delay=2926, delays=2926/0/0/0.04, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -t -a "$EXTENSION" DEFAULT=$HOME/Maildir/ MAILDIR=$HOME/Maildir) Apr 1 19:07:46 smail postfix/local[28569]: 2CBC12028C: to=, orig_to=, relay=local, delay=2926, delays=2926/0/0/0.14, dsn=4.3.0, status=deferred (temporary failure) Apr 1 19:57:46 smail postfix/local[548]: 2CBC12028C: to=, orig_to=, relay=local, delay=5926, delays=5926/0/0/0.03, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -t -a "$EXTENSION" DEFAULT=$HOME/Maildir/ MAILDIR=$HOME/Maildir) Apr 1 19:57:46 smail postfix/local[548]: 2CBC12028C: to=, orig_to=, relay=local, delay=5926, delays=5926/0/0/0.12, dsn=4.3.0, status=deferred (temporary failure) Apr 1 21:07:46 smail postfix/local[10486]: 2CBC12028C: to=, orig_to=, relay=local, delay=10125, delays=10125/0/0/0.03, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -t -a "$EXTENSION" DEFAULT=$HOME/Maildir/ MAILDIR=$HOME/Maildir) Apr 1 21:07:46 smail postfix/local[10486]: 2CBC12028C: to=, orig_to=, relay=local, delay=10125, delays=10125/0/0/0.12, dsn=4.3.0, status=deferred (temporary failure) Apr 1 22:17:46 smail postfix/local[22784]: 2CBC12028C: to=, orig_to=, relay=local, delay=14325, delays=14325/0/0/0.04, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -t -a "$EXTENSION" DEFAULT=$HOME/Maildir/ MAILDIR=$HOME/Maildir) Apr 1 22:17:46 smail postfix/local[22784]: 2CBC12028C: to=, orig_to=, relay=local, delay=14325, delays=14325/0/0/0.13, dsn=4.3.0, status=deferred (temporary failure) Apr 1 23:27:46 smail postfix/local[32148]: 2CBC12028C: to=, orig_to=, relay=local, delay=18525, delays=18525/0.03/0/0.04, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -t -a "$EXTENSION" DEFAULT=$HOME/Maildir/ MAILDIR=$HOME/Maildir) Apr 1 23:27:46 smail postfix/local[32148]: 2CBC12028C: to=, orig_to=, relay=local, delay=18525, delays=18525/0.03/0/0.13, dsn=4.3.0, status=deferred (temporary failure) Apr 1 23:59:27 smail postfix/local[2557]: 2CBC12028C: to=, orig_to=, relay=local, delay=20426, delays=20426/0/0/0.03, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -t -a "$EXTENSION" DEFAULT=$HOME/Maildir/ MAILDIR=$HOME/Maildir) Apr 1 23:59:27 smail postfix/local[2557]: 2CBC12028C: to=, orig_to=, relay=local, delay=20426, delays=20426/0/0/0.06, dsn=4.3.0, status=deferred (temporary failure) -Mensaje original- De: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] En nombre de Wietse Venema Enviado el: jueves, 02 de abril de 2015 13:12 Para: Antonio Alberola CC: 'Postfix users' Asunto: Re: Duplicate emails Antonio Alberola: [ Charset ISO-8859-1 converted... ] > Hi, > > I set up an owner-listname alias. This is my "postconf" output. You provide no proof of message DUPLICATION. Wietse
check_policy_service mysql lookup
Hi, i’m trying to do quota limits by this tutorial: https://sys4.de/en/blog/2013/04/08/postfix-dovecot-mailbox-quota/ I have all the parts working, but in the tutorial only one policy service is used: > smtpd_recipient_restrictions = >... >check_policy_service inet:mailstore.example.com:12340 While in my setup I have users distributed over a cluster and i’m using: > transport_maps = proxy:mysql:/etc/postfix/mysql/virtual_transport.cf So it would be logical to query correct dovecot service for every recipients’ quota, something like this: > smtpd_recipient_restrictions = >... >check_policy_service proxy:mysql:/etc/postfix/mysql/virtual_transport.cf But with this I get: postfix/smtpd[30904]: fatal: invalid transport name: proxy in service: proxy:mysql:/etc/postfix/mysql/quota-service.sql Is it correct to use “check_recipient_access” instead of “check_policy_service” ?
Re: subdomain relay
On 4/1/15 11:40 AM, Noel Jones wrote: On 4/1/2015 6:43 AM, Hank Beatty wrote: Thank you. I implemented this and mail sourced externally comes in, postfix tries to relay and loops back on itself. Mail sourced from the server seems to be routing correctly. I've tried updating /etc/hosts and changing the /etc/postfix/transport to an IP. The issue still persists. Any ideas? Please don't top-post. Either you've done something wrong, or have a very odd setup, or have provided incomplete information. For further help, you'll need to provide unaltered config and logs showing the unwanted behavior. Do not provide verbose logging unless/until specifically requested. For help with mail routing issues, you must not obfuscate the hostnames and IPs used. http://www.postfix.org/DEBUG_README.html#mail -- Noel Jones Just wanted to let everyone know that the configuration that Noel suggested did work. I put the wrong hostname in my transport file. Someone else that I work with actually caught my error. Thank you, Noel. Hank
Re: Duplicate emails
Antonio Alberola: > Sorry, > > > This is the first entry in the log. You have not correctly configured the owner-aliasname alias (where aliasname is the name of the multi-recipient alias). To verify: $ postalias -s name-of-aliases-file Wietse
Re: check_policy_service mysql lookup]
Edgaras Luko?evi?ius: [ Charset windows-1252 converted... ] > Hi, > > i?m trying to do quota limits by this tutorial: > https://sys4.de/en/blog/2013/04/08/postfix-dovecot-mailbox-quota/ > > I have all the parts working, but in the tutorial only one policy service is > used: > > smtpd_recipient_restrictions = > >... > >check_policy_service inet:mailstore.example.com:12340 > > While in my setup I have users distributed over a cluster and i?m using: > > transport_maps = proxy:mysql:/etc/postfix/mysql/virtual_transport.cf > > So it would be logical to query correct dovecot service for every recipients? > quota, something like this: > > smtpd_recipient_restrictions = > >... > >check_policy_service proxy:mysql:/etc/postfix/mysql/virtual_transport.cf > > But with this I get: postfix/smtpd[30904]: fatal: invalid transport name: > proxy in service: proxy:mysql:/etc/postfix/mysql/quota-service.sql > Is it correct to use ?check_recipient_access? instead of > ?check_policy_service? ? Where does the documentation promise that Postfix policy daemons can use the proxy: feature? If it is not documented then it is not supported. Wietse >
Re: postfix 3.0.0 errors out with a read-only config directory
Hello Viktor, > > I had to comment out these 3 lines to get it to work. > > > > With this change to lines 209-211, the script works fine. > > +# IFS=" > > +# " > > +# BACKUP_IFS="$IFS" > > Did you per-chance lose the "" in > > IFS="" > > [ > That is: > IFS=" > " > ] > Thanks, That is exactly what happened. My editor settings remove trailing spaces or tabs. The post-install from 3.1-20150330 worked fine without any issues. Thanks again, Joe signature.asc Description: Digital signature
Re: check_policy_service mysql lookup]
Edgaras Luko?evi?ius: > What is the solution? Other than running some wrapper on local server and > feeding it as policy service for postfix? > > On 02 Apr 2015, at 16:58, Wietse Venema wrote: Have multiple IP addresses for the policy service hostname, or find/build a policy daemon proxy that does load balancing. As documented the proxy: is for *database* queries. It converts multiple clients into one client. Wietse
