Re: Cannot sign with DKIM on same-server web and mail
Thanks, but I already had that. Although I had the "v" before the
daemon_addr when I first tried it...
milter_connect_macros="i j {daemon_name} v {daemon_addr} _"
I have now tried it with the v where you suggest it but still gives
UNPARSEABLE_RELAY. Also, I understand the quotes are essential because
the line includes spaces?
Re: Cannot sign with DKIM on same-server web and mail
Dnia 2.12.2019 o godz. 11:12:15 Linkcheck pisze:
> Thanks, but I already had that. Although I had the "v" before the
> daemon_addr when I first tried it...
> milter_connect_macros="i j {daemon_name} v {daemon_addr} _"
>
> I have now tried it with the v where you suggest it but still gives
> UNPARSEABLE_RELAY. Also, I understand the quotes are essential
> because the line includes spaces?
Try fixing it in SpamAssassin's code, as I wrote. It works perfectly for me.
--
Regards,
Jaroslaw Rafa
r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."
Re: Cannot sign with DKIM on same-server web and mail
Linkcheck:
[ Charset windows-1252 converted... ]
> Thanks, but I already had that. Although I had the "v" before the
> daemon_addr when I first tried it...
>milter_connect_macros="i j {daemon_name} v {daemon_addr} _"
Drop the quotes! Where does Postfix documentation say that
you need to use quoted strings?
Wietse
Recipient address rejected for recipient address in virtual
I have an email address listed in virtual in the form ama...@kreme.com. kreme+ama...@kreme.com But when an email comes in to that address, I get Recipient address rejected: unverified address: Address lookup failed; # postmap -q ama...@kreme.com hash:/etc/postfix/virtual kreme+ama...@kreme.com (Not that actual addresses, but the form is @localdomain => localuser+@localdomain) I assume I can eliminate this by taking out the reject_unverified_recipient from my smtpd_recipient_restrictions but shouldn’t this address be verified? -- Women and cats will do as they please, and men and dogs should relax an get used to the idea.
Re: Recipient address rejected for recipient address in virtual
On 02.12.19 05:21, @lbutlr wrote: I have an email address listed in virtual in the form ama...@kreme.com. kreme+ama...@kreme.com it that a trailing dot? But when an email comes in to that address, I get Recipient address rejected: unverified address: Address lookup failed; # postmap -q ama...@kreme.com hash:/etc/postfix/virtual kreme+ama...@kreme.com (Not that actual addresses, but the form is @localdomain => localuser+@localdomain) I assume I can eliminate this by taking out the reject_unverified_recipient from my smtpd_recipient_restrictions but shouldn’t this address be verified? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Spam is for losers who can't get business any other way.
Re: Recipient address rejected for recipient address in virtual
> On 02 Dec 2019, at 05:26, Matus UHLAR - fantomas wrote: > > On 02.12.19 05:21, @lbutlr wrote: >> I have an email address listed in virtual in the form >> >> ama...@kreme.com. kreme+ama...@kreme.com > > it that a trailing dot? Autocorrecting two spaces to . There is no trailing dot in the configuration file (I don’t think the lookup would work if there were?) >> But when an email comes in to that address, I get Recipient address >> rejected: unverified address: Address lookup failed; >> >> # postmap -q ama...@kreme.com hash:/etc/postfix/virtual >> kreme+ama...@kreme.com >> >> (Not that actual addresses, but the form is @localdomain => >> localuser+@localdomain) >> >> I assume I can eliminate this by taking out the reject_unverified_recipient >> from my smtpd_recipient_restrictions but shouldn’t this address be verified? -- 'What good is a candle at noonday?' —Sourcery
Re: Cannot sign with DKIM on same-server web and mail
On 02/12/2019 12:12, Linkcheck wrote:
> Thanks, but I already had that. Although I had the "v" before the daemon_addr
> when I first tried it...
> milter_connect_macros="i j {daemon_name} v {daemon_addr} _"
>
> I have now tried it with the v where you suggest it but still gives
> UNPARSEABLE_RELAY. Also, I understand the quotes are essential because the
> line includes spaces?
spamass-milter needs the _ macro to construct a valid ‘Received’ header
line for SpamAssassin. Try ‘postconf -d milter_connect_macros’ to see
the default setting.
$ postconf -d | grep milter_connect_macros
milter_connect_macros = j {daemon_name} {daemon_addr} v
Then add the _ macro to that setting (no quotes, order doesn’t matter).
I gave my setting in my earlier message. You’re using an old version of
Postfix, so yours will be different. In any case no hack should be
necessary, it is a config issue.
Cheers,
Re: Recipient address rejected for recipient address in virtual
On 02 Dec 2019, at 05:21, @lbutlr wrote: > But when an email comes in to that address, I get Recipient address rejected: > unverified address: Address lookup failed; > > # postmap -q ama...@kreme.com hash:/etc/postfix/virtual > kreme+ama...@kreme.com I have disabled reject_unverified_recipient and now get the following: Dec 2 05:20:08 mail postfix/smtpd[21032]: 47RPMD119BzhHM0: client=mr85p00im-zteg06011501.me.com[17.58.23.182] Dec 2 05:20:08 mail postfix/smtpd[21032]: 47RPMD119BzhHM0: permit: RCPT from mr85p00im-zteg06011501.me.com[17.58.23.182]: action=permit for Helo command=mr85p00im-zteg06011501.me.com ; from=<*Externaladdress*> to= proto=ESMTP helo= Dec 2 05:20:08 mail postfix/smtpd[21032]: 47RPMD119BzhHM0: permit: RCPT from mr85p00im-zteg06011501.me.com[17.58.23.182]: action=permit for Recipient address=amazon@localdomain ; from=<*Externaladdress*> to= proto=ESMTP helo= Dec 2 05:20:08 mail postfix/smtpd[21032]: 47RPMD119BzhHM0: permit: DATA from mr85p00im-zteg06011501.me.com[17.58.23.182]: action=permit for Data command=DATA ; from=<*Externaladdress*> to= proto=ESMTP helo= Dec 2 05:20:08 mail postfix/cleanup[21470]: 47RPMD119BzhHM0: message-id=<452be855-dfa1-4525-9edf-8b008aad2...@mac.com> Dec 2 05:20:09 mail postfix/qmgr[16419]: 47RPMD119BzhHM0: from=<*Externaladdress*>, size=1812, nrcpt=2 (queue active) postfix/lmtp[21608]: 47RPMD119BzhHM0: to=, orig_to=, relay=mail.covisp.net[private/dovecot-lmtp], delay=1.6, delays=1.6/0.01/0.01/0.01, dsn=5.1.1, status=bounced (host mail.covisp.net[private/dovecot-lmtp] said: 550 5.1.1 User doesn't exist: ama...@covisp.net (in reply to RCPT TO command)) Dec 2 05:20:09 mail postfix/bounce[21825]: 47RPMD119BzhHM0: sender non-delivery notification: 47RPMF5pgjzhHM2 Dec 2 05:20:09 mail postfix/qmgr[16419]: 47RPMD119BzhHM0: removed It doesn’t look like the lookup from virtual is taking place at all fo this address. virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf hash:$config_directory/virtual virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf virtual_transport = lmtp:unix:private/dovecot-lmtp Other similar entries in virtual work (I just tested one with the same basic pattern). Dec 2 06:31:28 mail postfix/lmtp[18588]: 47RQxV5jblzhHM0: to=, orig_to=, relay=mail.covisp.net[private/dovecot-lmtp], delay=1.3, delays=1.2/0/0/0.05, dsn=2.0.0, status=sent (250 2.0.0 WFaIADAS5V3+SAAAIdGjjQ Saved) One difference is that the one that is failing changes the targeted local domain amazon@localdomain to kreme+ama...@kreme.com, if that matters. The domains both pass postmap postmap -q localdomain mysql:/etc/postfix/mysql_virtual_domains_maps.cf -- <[TN]FBMachine> I got kicked out of Barnes and Noble once for moving all the bibles into the fiction section
Re: Cannot sign with DKIM on same-server web and mail
Thanks for your help. I checked as you suggested and got
milter_connect_macros=j {daemon_name} v (no quotes, no underscore). I
commented out my own version and ran with the default, which correctly
includes the mail server name in the dkim check but still has
UNPARSEABLE_RELAY.
I suppose it may have been attended to in a later version of either
postfix or spamassassin and that you have that version. Mine are
Postfix: mail_version = 3.1.0
Spamassassin: SpamAssassin version 3.4.2 running on Perl version 5.22.1
I'm currently studying the solution proposed by Jaroslaw Rafa. Once I
understand what is going on I will probably apply it and see what happens.
Re: Cannot sign with DKIM on same-server web and mail
> Drop the quotes!
I just have whilst following advice from David Burgin - in fact I
commented out the macro entirely but still the same - dkim ok but
UNPARSEABLE_RELAY still present.
> Where does Postfix documentation say that you need to use quoted strings?
It doesn't, I agree. And forgot it doesn't. Sorry.
I copied several lines from a posting in, I think, the spamassassin
forum but have seen quotes elsewhere plus the injunction to quote it if
it has spaces in the line. Most of what I copied seems to work but not
that part. :(
I have just run tests with the quotes removed on the line...
milter_connect_macros=j {daemon_name} {daemon_addr} v _
... and it now seems to work. In fact, I initially forgot to remove the
opening quote and it still worked; odd.
I still get a single warning concerning macro "i" after a restart and a
handle_user warning "unable to find user" every email but I can live
with those.
Thanks for the help, Wietse, and to all others in this forum who helped
sort this problem. Initial tests show DKIM working correctly and
spamassassin running as a milter.
Re: Recipient address rejected for recipient address in virtual
On 2 Dec 2019, at 7:21, @lbutlr wrote: I have an email address listed in virtual in the form ama...@kreme.com. kreme+ama...@kreme.com But when an email comes in to that address, I get Recipient address rejected: unverified address: Address lookup failed; # postmap -q ama...@kreme.com hash:/etc/postfix/virtual kreme+ama...@kreme.com (Not that actual addresses, but the form is @localdomain => localuser+@localdomain) I assume I can eliminate this by taking out the reject_unverified_recipient from my smtpd_recipient_restrictions but shouldn’t this address be verified? Have you considered doing as recommended at http://www.postfix.org/DEBUG_README.html#mail to make it easier for us to understand your issue? -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire
Re: Recipient address rejected for recipient address in virtual
On 2 Dec 2019, at 8:43, @lbutlr wrote: One difference is that the one that is failing changes the targeted local domain amazon@localdomain to kreme+ama...@kreme.com, if that matters. Virtual mailbox domains and virtual alias domains are distinct from each other. Local domains are another thing altogether. http://www.postfix.org/ADDRESS_CLASS_README.html#classes -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire
recipient_bcc_maps: BCC for entire domain except one address
Hi, having recipient_bcc_maps set to a map containing @example.com b...@example.com should create a BCC for every mail sent to example.com regardless of the local part. Is there an easy way to define an exception, i. e. BCCs should be created for every mail sent to @example.com except for notfo...@example.com? After adding notfo...@example.com notfo...@example.com to the map, the BCC to bcc@ isn't created but mail is sent to notforme@ twice. I'd like to avoid the latter. -- Regards mks
Re: recipient_bcc_maps: BCC for entire domain except one address
Dnia 2.12.2019 o godz. 18:11:27 Markus Schönhaber pisze: > > having recipient_bcc_maps set to a map containing > > @example.com b...@example.com > > should create a BCC for every mail sent to example.com regardless of the > local part. > Is there an easy way to define an exception, i. e. BCCs should be > created for every mail sent to @example.com except for notfo...@example.com? > > After adding > > notfo...@example.com notfo...@example.com > > to the map, the BCC to bcc@ isn't created but mail is sent to notforme@ > twice. I'd like to avoid the latter. Maybe add to recipient_bcc_maps something like notfo...@example.com throwa...@your-local-domain.com and then alias "throwaway" in your "aliases" file to /dev/null ? -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub."
Re: recipient_bcc_maps: BCC for entire domain except one address
Hi Jaroslaw! Jaroslaw Rafa, 02.12.19, 18:42 CET: > Dnia 2.12.2019 o godz. 18:11:27 Markus Schönhaber pisze: >> >> having recipient_bcc_maps set to a map containing >> >> @example.com b...@example.com >> >> should create a BCC for every mail sent to example.com regardless of the >> local part. >> Is there an easy way to define an exception, i. e. BCCs should be >> created for every mail sent to @example.com except for notfo...@example.com? >> >> After adding >> >> notfo...@example.com notfo...@example.com >> >> to the map, the BCC to bcc@ isn't created but mail is sent to notforme@ >> twice. I'd like to avoid the latter. > > Maybe add to recipient_bcc_maps something like > > notfo...@example.com throwa...@your-local-domain.com > > and then alias "throwaway" in your "aliases" file to /dev/null ? thanks for the tip! A minor nuisance with this is that the "delivery" to /dev/null is still logged. But unless someone comes up with a way to avoid an additional delivery attempt altogether, I guess I'll stick with your solution. -- Regards mks
Re: Cannot sign with DKIM on same-server web and mail
Linkcheck: [ Charset windows-1252 converted... ] > > Drop the quotes! > > I just have whilst following advice from David Burgin - in fact I > commented out the macro entirely but still the same - dkim ok but > UNPARSEABLE_RELAY still present. Of course. You are now back to the milter macros list without the _. Wietse
Re: recipient_bcc_maps: BCC for entire domain except one address
Markus Sch?nhaber: > Hi, > > having recipient_bcc_maps set to a map containing > > @example.com b...@example.com Make it a PCRE map. # DO NOT INDENT THE TEXT BETWEEN IF AND ENDIF if !/^foo([-+]\S+)?@example\.com$/ /@example\.com$/ b...@example.com endif See 'man pcre_table' for details. Wietse
Re: recipient_bcc_maps: BCC for entire domain except one address
Wietse Venema, 02.12.19, 19:28 CET: > Make it a PCRE map. > > # DO NOT INDENT THE TEXT BETWEEN IF AND ENDIF > if !/^foo([-+]\S+)?@example\.com$/ > /@example\.com$/ b...@example.com > endif > > See 'man pcre_table' for details. Thanks Wietse! I'll do it that way. -- Regards mks
Unverified Recipients
Hi All I am trying to set up Unverified Recipients on Postfix postfix-3.4.8,1 on FreeBSD. I configured a cache file for the unverified addresses. I reloaded postfix but I am not seeing any file in the location I specified in the address_verify_map parameter. I cannot seem to figure out why. Please note my relevant settings below. Any help would be appreciated. #Verify Settings address_verify_map = btree:/var/db/postfix/verify unverified_recipient_reject_reason = Address lookup failure smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, check_client_access hash:/usr/local/etc/postfix/internal_networks, check_sender_access hash:/usr/local/etc/postfix/not_our_domain_as_sender, permit_mynetworks, reject_unauth_destination, reject_unknown_client_hostname, reject_unknown_reverse_client_hostname, reject_rbl_client zen.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client dul.dnsbl.sorbs.net, reject_unverified_recipient, permit
Re: Recipient address rejected for recipient address in virtual
On 02 Dec 2019, at 09:53, Bill Cole wrote: > On 2 Dec 2019, at 8:43, @lbutlr wrote: >> One difference is that the one that is failing changes the targeted local >> domain amazon@localdomain to kreme+ama...@kreme.com, if that matters. > > Virtual mailbox domains and virtual alias domains are distinct from each > other. Local domains are another thing altogether. I mean local as in on the machine. All the domains involved ar capable of receiving mail. -- "Are you pondering what I'm pondering?" "I think so, Brain, but what kind of rides do they have in Fabioland?”
Re: Recipient address rejected for recipient address in virtual
On 02 Dec 2019, at 09:47, Bill Cole wrote: > Have you considered doing as recommended at > http://www.postfix.org/DEBUG_README.html#mail to make it easier for us to > understand your issue? Logs, postconf output, postmap -q output, what am I missing? -- This above all, to thine own self be true And it must follow, as the night the day, Thou canst not then be false to any man.
Re: Recipient address rejected for recipient address in virtual
On 2 Dec 2019, at 21:31, @lbutlr wrote: On 02 Dec 2019, at 09:47, Bill Cole wrote: Have you considered doing as recommended at http://www.postfix.org/DEBUG_README.html#mail to make it easier for us to understand your issue? Logs, postconf output, postmap -q output, what am I missing? I see a couple of lines of config, not postconf -n output. Relevant map files would also help. I suspect the problem is simply that your working cases are in virtual alias domains, while the non-working case is in a local or possibly a virtual mailbox domain domain, which never gets mapped by your virtual alias map. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not For Hire (currently)
