Warning message for mail either delivered in local or relayed to another server
Hello, I have a question about a warning message I regularly get in the log : > do not list domain mydomain1 in BOTH virtual_mailbox_domains and relay_domains My configuration : transport_maps = ldap:/etc/postfix/mail_routing relay_domains = mydomain1 virtual_mailbox_domains = mydomain1 I do understand why I get this warning message but my situation is particular. I do a mail routing based on a LDAP attribute which I get with transport_maps and a ldap lookup table. Mail for the users with mail adress @mydomain1 could either be delivered in local or be relayed to another mail server. That is why I declare "mydomain1" both in virtual_mailbox_domains and relay_domains Do you have a better solution in order to not see this warning message again? Thanks, Henri # dpkg -l | grep postfix ii postfix2.3.8-2+b1 A high- performance mail transport agent
Re: ldap and result_filter question
Hello, I have also encountered the same situation : multiple results with one LDAP query. I first think about the expansion_limit parameter, but it still gives a lookup transport error. I have no possibility in adding a parameter to ensure that the LDAP query will only return one result. My ldap directory is quite large and we have several tools to ensure that there won't be any entries having the same address email. However it could still happens and I would really appreciate if you could give us the "solution" to fix that. >It is "possible" to work-around the inevitable multiple result values, but >I am loath to recommend it, so would prefer to not post such a "solution". Thank you, Henri S. On Mon, May 11, 2009 at 10:28 PM, Victor Duchovni < victor.ducho...@morganstanley.com> wrote: > On Mon, May 11, 2009 at 02:29:45PM +0200, postfix wrote: > > > A high level description of my need may help: > > "I would like to accept relaying messages coming from a set of IPs AND > > which recipient address is described AT LEAST ONE TIME in the LDAP > > directory, not as a mail/mailAlternateAddress address but as group(s) > > member(s). > > This data model is flawed. LDAP is not SQL, arbitrary relations are > poorly supported. Determining wether a user is a member of "some" group > is not efficient in LDAP, as you have to scan the set of all groups, > and then return multiple large group "entries" that match the filter. > > If you insist on this design, dump LDAP groups periodically to flat > files, and build an indexed "CDB" or "Berkeley DB" table indexed by > addesses of users who are group members. > > > => I would like to have one OK result_filter and not several ones. > > But maybe this is not possible. > > It is "possible" to work-around the inevitable multiple result values, but > I am loath to recommend it, so would prefer to not post such a "solution". > The build-a-static-table approach is I think much better. > > -- >Viktor. > > Disclaimer: off-list followups get on-list replies or get ignored. > Please do not ignore the "Reply-To" header. > > To unsubscribe from the postfix-users list, visit > http://www.postfix.org/lists.html or click the link below: > <mailto:majord...@postfix.org?body=unsubscribe%20postfix-users> > > If my response solves your problem, the best way to thank me is to not > send an "it worked, thanks" follow-up. If you must respond, please put > "It worked, thanks" in the "Subject" so I can delete these quickly. >
unknown mail transport error
status Feb 13 14:25:37 alty postfix/qmgr[18753]: input attribute value: 0 Feb 13 14:25:37 alty postfix/qmgr[18753]: private/defer socket: wanted attribute: (list terminator) Feb 13 14:25:37 alty postfix/qmgr[18753]: input attribute name: (end) Feb 13 14:25:37 alty postfix/qmgr[18753]: A86D52A41C4: to=, relay=none, delay=0.09, delays=0.04/0.05/0/0, dsn=4.3.0, status=deferred (unknown mail transport error) Feb 13 14:25:37 alty postfix/qmgr[18753]: flush_add: site alty.enib.fr id A86D52A41C4 Feb 13 14:25:37 alty postfix/qmgr[18753]: match_hostname: alty.enib.fr ~? alty.enib.fr Feb 13 14:25:37 alty postfix/qmgr[18753]: connect to subsystem public/flush Feb 13 14:25:37 alty postfix/qmgr[18753]: send attr request = add Feb 13 14:25:37 alty postfix/qmgr[18753]: send attr site = alty.enib.fr Feb 13 14:25:37 alty postfix/qmgr[18753]: send attr queue_id = A86D52A41C4 Feb 13 14:25:37 alty postfix/qmgr[18753]: public/flush socket: wanted attribute: status Feb 13 14:25:37 alty postfix/qmgr[18753]: input attribute name: status Feb 13 14:25:37 alty postfix/qmgr[18753]: input attribute value: 0 Feb 13 14:25:37 alty postfix/qmgr[18753]: public/flush socket: wanted attribute: (list terminator) Feb 13 14:25:37 alty postfix/qmgr[18753]: input attribute name: (end) Feb 13 14:25:37 alty postfix/qmgr[18753]: flush_add: site alty.enib.fr id A86D52A41C4 status 0 Feb 13 14:25:37 alty postfix/qmgr[18753]: defer transport local: 4.3.0 unknown mail transport error Feb 13 14:25:37 alty postfix/qmgr[18753]: defer site d...@alty.enib.fr: 4.3.0 unknown mail transport error Feb 13 14:25:37 alty postfix/qmgr[18753]: qmgr_active_done: A86D52A41C4 Feb 13 14:25:37 alty postfix/qmgr[18753]: wakeup A86D52A41C4 after 1000 secs Feb 13 14:25:37 alty postfix/qmgr[18753]: qmgr_active_defer: defer A86D52A41C4 Feb 13 14:25:37 alty postfix/qmgr[18753]: qmgr_job_free: A86D52A41C4 local -- __ Henri ChevretonE.N.I. de Brest tel 02 98 05 66 62 CS 73862 chevre...@enib.fr 29238 BREST CEDEX 3 __
Sub-domain Alias Assistance
Hello, I manage a mailman mailing list server. The mailing list address (aliases) were being managed from from /etc/aliases (on Ubuntu). In the past I have configured the aliases and ran the postalias command to update the .db file and everything has been working great! However, I am now concerned that I have made some mistakes with regards the setup of the postfix configuration. I updated the system (with apt-get) and I guess this updated the version of postfix I was running. I figured everything was running correctly. However, when I recently went to configure a mailing list by adding various lines similar to the following : maillistn...@domain.com: "|/var/lib/mailman/mail/mailman post maillistname" into the /etc/alias file and then going to run the postalias command on this file to update the .db file. the following error was reported : postalias: warning: /etc/aliases, line XXX: name must be local for every line which contained the above syntax. I am guessing this is because the domain.com is not the local domain for the server. However, post fix is setup to relay mail for this this subdomain in the /etc/postfix/main.cf file. In addition, mailman is configured as the transport for this domain. I am not sure exactly what I have done wrong or how to fix this situation. At present, I am not able to add any mailing lists to the server. I will keep looking into the problem. However, if anyone on this list is able to provide any helpful hints, they would certainly be most welcomed. I will report back if I manage to work this out. Thanks. Disclaimer : I am still learning about postfix administration. As such it is very possible that I have configured something in a very odd way and I am doing something very simple totally wrong. - This email is protected by LBackup, an open source backup solution : http://www.lucidsystems.org/tools/lbackup LBackup is fully compatible with LINUX and Mac OS X based systems. In addition you are free to customize it to meet your requirements via pre and post hook scripts. Alternatively you may edit the source code which is included with every download of LBackup. -
Re: Sub-domain Alias Assistance
maillistn...@domain.com: "|/var/lib/mailman/mail/ mailman post maillistname" f...@bar.tld: "|/path" is not local in postalias foo: "|/path" is to solve setup mailman to use postfix virtual_alias_domains this is explained in mailman docs -- xpoint Okay thank you this makes sense. I have one further question in this case. Please correct me if I have misunderstood the setup you described. My question with this setup is : How do I stop delivery to the primary domain? Clarification of question : --- If I had a mailing list called foo-maill...@sub-domain.com which I had redirected to local account foo-maillist. How would I then stop delivery to the foo-maill...@domain.com. As I understand it, adding the foo-maillist to the /etc/alias would essentially mean that there would be an email account for this mailing list at both the sub-domain and also at the primary domain. How do I avoid adding the foo-maillist into the /etc/alias to stop this from happening? Essentially, I would like to have foo-maill...@sub- domain.com and not have foo-maill...@domain.com. In the past I had specified the full domain in the alias file and it was working. I am guessing that I misunderstood the way to do this in the past and botched up the configuration. Howevr, everything worked when I tested this previous configuration. However, now when I runs post-alias this warning is reported is this warning fatal will postfix still work correctly. I would like to set this up in way that makes sense. I am still learning what the recommended way of doing this with postfix is, I thought I had worked it out. Any further clarification would be warmly welcomed. I have tried creating a file called /etc/postfix/virtual/aliases and then added the virtual alias information to this file. The mail server is setup with the other files /etc/postfix/virtual/domains and /etc/postfix/virtual/ addresses as I have configured the mail server to run other virtual domains. If there is a way of setting up the mailing list on the sub-domain and not on the primary domain that would be great. However, as far as I can tell this is not possible with the virtual alias domains as it must deliver to a local address. Please let me know if I have misunderstood the postfix documentation or your recommendations. The only way I had worked out of stopping the local delivery was to speicy the full address in the /etc/alias file. Which worked in the past. Is there some way to only have the address foo-maill...@sub-domain.com and not have the foo-maill...@domain.com Thank you again for your assistance. Much appreciated. virtual_alias_maps: (note that this is postmap'd not postalias'd, so there's no colons) listn...@example.com listname listname-ad...@example.com listname-admin etc.. Then in /etc/aliases: listname: "|/var/lib/mailman/mail/mailman post listname" listname-admin: "|/var/lib/mailman/mail/mailman admin listname" Thank you for this reply as well. However, I think this has exactly the problem I am attempting to work around. I would like to not have the mailing list on the local domain only on the virtual domain. If I have misunderstood please correct me. Thank you again.
Re: Sub-domain Alias Assistance
I have one further question in this case. Please correct me if I have misunderstood the setup you described. My question with this setup is : How do I stop delivery to the primary domain? Two possible solutions: 1. List only one of the domains in $mydestination. Only addresses in local (mydestination) domains are passed to the local(8) delivery agent and subjected to aliases(5) expansion. 2. Use a virtual(5) alias to implement the list: virtual(5) f...@example.comfoo-inter...@localhost aliases(5) foo-internal: "|/path args" Optional, block direct mail to "foo-internal": access(5) # For each domain in $mydestination: foo-inter...@example.comREJECT Access denied foo-inter...@example.netREJECT Access denied Thanks Viktor, Option two is a possibility. However, it seems overly complex. In this situation there are now three database files to be updated. Rather than just one. If this is the recommended way I will do it this way. It just far more complicated that what I was doing. Is there any reason (sorry I am not a post fix developer) that it is now not possible to specify a non-local domain in the /etc/alias file. Being able to do this was really a good way of dealing with the situation in the previous version. Just one database to update for list removal or addition? At this point. I will update the three files if that is the recommended way of doing this. I just think the way it used to work was far less complex. I see that option one is also a possible with some major re- arrangement of the postfix configuration. However, doing this rearrangement means that then running a mailing list on a different domain in the future on this server becomes quite complex again. Option one should work. I will try option two a this point. If any one has any other ways of doing this then please let me know. Being able to add in something like mailinglistn...@example.com to the /etc/alias file is a good idea, I am happy to contribute back to post fix project to make this work if others think this is a good idea, provided doing this would not be overly complicated. I really liked the ability to do this in the older version of postfix. It was very nice being able to just set this from a single file in the /etc/ alias/ file. However, I suppose this is a topic for the developer mailing list. Thanks again, for your suggestions Viktor. With your assistance I will be able to get it working in the very near future! Right now I am very keen to actually get it working ASAP. I am then happy to spend some time to work it out in a better way even if this means a re-organization. Again, if anyone has some other suggestions I am listening. Thank you again to everyone who has provided me with some feed back to date!
Re: Sub-domain Alias Assistance
and this is how mailman does it with virtual alias, so to clear up the mess, make sure there is no mydestination domains that are maillists, if there is move them to virtual_domains and if still needed map them to be delivered local Yes - thanks to post by Vicktor, this is what I will be doing. Thanks.
Re: Sub-domain Alias Assistance
and this is how mailman does it with virtual alias, so to clear up the mess, make sure there is no mydestination domains that are maillists, if there is move them to virtual_domains and if still needed map them to be delivered local Yes - thanks to post by Vicktor, this is what I will be doing. using mailman here, and i have lists.junc.info as mydestination just to confuse it even more, well this is how i did, but if you want more then one mailman domain then mailman can handle the virtual_domain as well as virtual_alias and the virtual_alias maps back to local alias, this is needed as long virtual_alias does not support pipe " Okay thanks good to know.
Re: Sub-domain Alias Assistance
Thank you to everyone who provided assistance with regards sub-domain aliases. The mailman mailing lists are working great now! Finally, what are your general thoughts on being able to include non- local addresses in the /etc/aliases file? Before, I sign up to the developer mailing list I would like some feed back about this from people who have more experience with the way postfix works. After all, there could be a good reason that this file is only for local mail. If anyone is able to explain why this is file is only for dealing with local mail then I would be be most interested to know more. You all provided great feed back. The postfix mailman community is very helpful which is a really good for this kind of project. Thank you again!
Re: Sub-domain Alias Assistance
Thank you to everyone who provided assistance with regards sub-domain aliases. The mailman mailing lists are working great now! Finally, what are your general thoughts on being able to include non-local addresses in the /etc/aliases file? Before, I sign up to the developer mailing list I would like some feed back about this from people who have more experience with the way postfix works. After all, there could be a good reason that this file is only for local mail. If anyone is able to explain why this is file is only for dealing with local mail then I would be be most interested to know more. You all provided great feed back. The postfix mailman community is very helpful which is a really good for this kind of project. Thank you again! Before you sign up for the developer mail list, read its purpose on the http://www.postfix.org/lists.html page. "NOT for questions, problem reports and feature requests;" Addresses listed in alias_maps are expanded during delivery by the local(8) delivery agent. This is the only postfix process that expands these aliases. As a result, only local usernames (ie. the user part of any domain listed in $mydestination) are valid in the local alias table. This is for both sendmail(TM) compatibility and for security. If you need to rewrite arbitrary addresses, use the virtual_alias_maps feature. These design features are not likely to change. For further details, see http://www.postfix.org/aliases.5.html http://www.postfix.org/local.8.html http://www.postfix.org/OVERVIEW.html and the list archives. Okay thank you. This is all great information. I understand now from reading the man page for local that this is only for local queues : This line states this perfectly : "All delivery decisions are made using the bare recipient name" As such this lookup is not going to involve the part of the email after the '@' symbol. If I have misunderstood then please let me know. I am guessing that in the earlier version of postfix the entire email address was being examined and now this is not the case. Thank you again for your help and clarification with regards the local command and its relevance to the /etc/aliases (.db file).
[pfx] Selection of a custom smtp-transport based on recipient addresse's MX with check_recipient_mx_access doesn't work
Hi together, our customers have big problems sending bulk E-Mails to their signed members who's domains use a ...protection.outlook.com MX. After a few hundred mails to different addresses who's domains use a protection.outlook.com MX, the receiving servers respond with "...451 4.7.500 Server busy. Please try again later..." So our idea was to configure some additional custom smtp-transports which could then be chosen by filtering by the MX to be used for the receiving addresse's domains. So I configured the three smtp-transports slowersmtp, slowsmtp and veryslowersmtp in main.cf and master.cf. Then I thought I could use... smtpd_recipient_restrictions = check_recipient_mx_access pcre:/etc/postfix/mx_transport_filter And in mx_transport_filter I could filter by outlook.com and all other to choose the assigned smtp-transport. But when I test it with... sendmail -t < ./testmail.txt ... a few times fast one after another and use tail -f on the maillog file, I must watch the e-mails all delivered directly one after another without the delay of 60sec, configured for the veryslowsmtp. I must be having some missconfiguration or did not really understand how it works or should work. In my desperation I also tried to search the web (all major search engines) or even ask Perplexity, ChatGTP, Gemini or CoPilot, but they all gave me all kinds of answers. I tried a lot of them but none worked. Could please someone help me solve this problem and tell me what I am doing wrong or what should be changed? Here are the relevant parts of my configuration # postconf | grep smtp_host_lookup smtp_host_lookup = dns # postconf | grep disable_dns_lookups disable_dns_lookups = no main.cf ... smtpd_recipient_restrictions = check_recipient_mx_access pcre:/etc/postfix/mx_transport_filter slowersmtp_initial_destination_concurrency = 2 slowersmtp_destination_concurrency_limit = 1 slowersmtp_destination_recipient_limit = 2 slowersmtp_destination_rate_delay = 2s slowersmtp_destination_concurrency_failed_cohort_limit = 10 slowsmtp_initial_destination_concurrency = 2 slowsmtp_destination_concurrency_limit = 1 slowsmtp_destination_recipient_limit = 2 slowsmtp_destination_rate_delay = 10s slowsmtp_destination_concurrency_failed_cohort_limit = 20 veryslowsmtp_initial_destination_concurrency = 2 veryslowsmtp_destination_concurrency_limit = 1 veryslowsmtp_destination_recipient_limit = 2 veryslowsmtp_destination_rate_delay = 60s veryslowsmtp_destination_concurrency_failed_cohort_limit = 10 ... master.cf ... slowersmtp unix- - n - - smtp slowsmtp unix - - n - - smtp veryslowsmtp unix - - n - - smtp /etc/postfix/mx_transport_filter: /\.outlook\.com$/veryslowsmtp /.*/slowersmt Many thanks in advance, regards Henri ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Selection of a custom smtp-transport based on recipient addresse's MX with check_recipient_mx_access doesn't work
Hi nw, yes, it's an issue with protection.outlook.com Servers, but not with a blacklist. Ourcustomers are able to deliver about betweeen 700 and 1100 mails to recipient addresses which domains MX is under protection.outlook.com. And there seems to also be a configuration option for an incoming rate limit which seems to be 3600 mails/h like some admins of one customer told me. But that doesn't help at all because all domains which MX is under protection.outlook.com seem to have their own Outlook 365 Server configurations. So what we need to do is to limit the sending rate to all MX servers under protection.outlook.com. But it does not work with my configuration, all mails are still beeing sent directly one after another, and I can't find out why. So my question still remains: What's wrong with my config? Ah, and btw.: The missing p in slowersmtp in /etc/postfix/mx_transport_filter just got lost in copy & paste. So I still beg for help, many thanks in advance, regards Henri Am 20.05.24 um 00:00 schrieb Northwind via Postfix-users: This is most likely the issue of outlook, not yours. AFAIK outlook has the policy of IP blacklist. Maybe your IP happens to hit it. regards. After a few hundred mails to different addresses who's domains use a protection.outlook.com MX, the receiving servers respond with "...451 4.7.500 Server busy. Please try again later..." ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
