One domain not receiving properly

[The Doctor]

Got one domain not receviing mail at all.

I did a DNS serial number restart,

check the relevant files in postifx
and still no go.

When I do

telnet mail. 25

The answer is correct.

I am running 100s of Domains at this is the only one experiencing this
problem.

What do I need to do to fix this issue?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.myspace.com/502748630 
Born 29 Jan 1969 Redhill,Surrey,England UK

Migrating from postfix to Exim

[The Doctor]

Hello, I am trying to migrate first my outgoing mail server  from 
postfix 2.7.0 to exim 4.71 .

I got most of it except that when I send mail locally it is ending up in
postfix's maildrop queue and not in exim.

huh?

All right the configure file looks like:

# It is usually a good idea to test a new configuration for syntactic  #
# correctness before installing it (for example, by running the command#
# "exim -C /config/file.new -bV"). # 

primary_hostname = 

domainlist local_domains = @
domainlist relay_to_domains =
hostlist relay_from_hosts = 127.0.0.1 :  :  : 
cl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data   
av_scanner = clamd:127.0.0.1 3310

spamd_address = 127.0.0.1 783 

tls_advertise_hosts = *

tls_certificate = /usr/exim/ca.crt
tls_privatekey = /usr/exim/ca.key 
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 25 : 465
never_users = root
rfc1413_hosts = *
rfc1413_query_timeout = 5s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d

begin acl


  accept  hosts = :
  control = dkim_disable_verify  

  denymessage   = Restricted characters in address
  domains   = +local_domains
  local_parts   = ^[.] : ^...@%!/|] 
  accept  local_parts   = postmaster
  domains   = +local_domains  
  require verify= sender
  accept  hosts = +relay_from_hosts
  control   = submission
  control   = dkim_disable_verify 
  accept  authenticated = *
  control   = submission
  control   = dkim_disable_verify 
  require message = relay not permitted
  domains = +local_domains : +relay_to_domains 

  require verify = recipient

   denymessage   = rejected because $sender_host_address is in a black l
ist at $dnslist_domain\n$dnslist_text

dnslists = sbl-xbl.spamhaus.org : \
 dnsbl.njabl.org : \
 combined.njabl.org : \
 blackholes.uceb.org : \
 dev.null.dk : \
 flowgoaway.com : \
 relays.visi.com : \
 bl.spamcop.net : \
 hostkarma.junkemailfilter.com=127.0.0.2
  #
   warn   dnslists = sbl-xbl.spamhaus.org: \
 dnsbl.njabl.org : \
 combined.njabl.org : \
 blackholes.uceb.org : \
 dev.null.dk : \
 flowgoaway.com : \
 relays.visi.com : \
 bl.spamcop.net : \
 hostkarma.junkemailfilter.com=127.0.0.2
   add_header= X-Warning: $sender_host_address is in a black list at
 $dnslist_domain
   log_message   = found in $dnslist_domain  


  accept

acl_check_data:

   denymalware= *
   message= This message contains a virus ($malware_name). 
   warnspam   = nobody
   add_header = X-Spam_score: $spam_score\n\
X-Spam_score_int: $spam_score_int\n\
X-Spam_bar: $spam_bar\n\
X-Spam_report: $spam_report   
  accept

begin routers
dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more  

system_aliases:
  driver = redirect
  allow_fail
  allow_defer
  data = ${lookup{$local_part}lsearch{/etc/aliases}}
# user = exim
  file_transport = address_file
  pipe_transport = address_pipe 

userforward:
  driver = redirect
  check_local_user
# local_part_suffix = +* : -*
# local_part_suffix_optional
  file = $home/.forward
# allow_filter
  no_verify
  no_expn
  check_ancestor
  file_transport = address_file
  pipe_transport = address_pipe
  reply_transport = address_reply  

localuser:
  driver = accept
  check_local_user
# local_part_suffix = +* : -*
# local_part_suffix_optional
  transport = local_delivery
  cannot_route_message = Unknown user   

begin transports
remote_smtp:
  driver = smtp 

local_delivery:
  driver = appendfile
  file = /var/mail/$local_part
  delivery_date_add
  envelope_to_add
  return_path_add
  group = mail
  mode = 0600   

address_pipe:
  driver = pipe
  return_output 

address_file:
  driver = appendfile
  delivery_date_add
  envelope_to_add
  return_path_add 

address_reply:
  driver = autoreply 

begin retry

*  *   F,2h,15m; G,16h,1h,1.5; F,4d,6h

begin rewrite


begin authenticators

PLAIN:
  driver = plaintext
  server_set_id  = $auth2
  server_prompts = :
  server_condition   = Authentication is not yet configured
  server_advertise_condition = ${if def:tls_cipher } 

LOGIN:
  driver = plaintext
  server_set_id  = $auth1
 server_prompts = <| Username: | Password:
 server_condition   = Authentication is not yet configured
  server_advertise_condition = ${if def:tls_cipher } 

end of Configuration

I also make certain postfix is stopped.  Hopefully once this
is done I ca

Migrating large virtual domains Re: Migrating from postfix to Exim

[The Doctor]

On Sun, Apr 11, 2010 at 09:52:12AM -0300, Reinaldo de Carvalho wrote:
> On Sun, Apr 11, 2010 at 9:44 AM, The Doctor  wrote:
> > Hello, I am trying to migrate first my outgoing mail server  from
> > postfix 2.7.0 to exim 4.71 .
> >
> 
> ?
> 
> > I got most of it except that when I send mail locally it is ending up in
> > postfix's maildrop queue and not in exim.
> >
> 
> Replace /usr/sbin/sendmail to binary provided by exim.



Actually all I did was to mv Postfix's sendmail over and then link
/path/to/sendmail to /path/to/exim

Great stuff.  Maybe I will right the Postfix to Exim migration articles : -)


> --
> Reinaldo de Carvalho
> http://korreio.sf.net
> http://python-cyrus.sf.net
>
> "Don't try to adapt the software to the way you work, but rather
> yourself to the way the software works" (myself)


Next I have a rather large virtual e-mail to migrate

IF I could parse after the postfix's main.cf virtual_alias_domains = one
 space at the time,
I could then set up in /path/to/virtual a directory with each unique name
and then from its virtual file transfer over the rest
that would be grand.

any tools to do this?

and then there is majordomo, but that is spoken for nicely.  

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance 

Wanting incoming and outgoing e-mail montiroed for spam and virii

[The Doctor]

Right I am tyring to get postfix with amavisd-ng to probe and stop virus and 
spam mail.

However it seems that localhost is going through without scrutiny and
some incoming e-mail is not being stopped.

postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
body_checks = regexp:/etc/postfix/body_checks
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = amavisfeed:[127.0.0.1]:10024
cyrus_sasl_config_path = /usr/contrib/lib/sasl2/
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debug_peer_list = nk.ca
disable_vrfy_command = yes
fast_flush_domains = $relay_domains, nk.ca, nl2k.ab.ca
hash_queue_names = " " defer deferred
header_checks = regexp:/etc/postfix/header_checks
html_directory = /var/www/docs/postfix
in_flow_delay = 1s
inet_interfaces = all
local_destination_concurrency_limit = 2
local_recipient_maps = unix:passwd.byname $alias_maps
local_transport = local
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command = /usr/bin/procmail
mailbox_size_limit = 104857600
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
message_size_limit = 2100
milter_protocol = 6
mydestination = $myhostname, localhost.$mydomain, localhost, www.$mydomain, 
ns1.$mydomain, ftp.$mydomain, secure.$mydomain, localhost.nl2k.ab.ca , 
localhost.nk.ca , $mydomain, mail.nk.ca, www.nk.ca, nk.ca, valid.nk.ca, 
secure.nl2k.ab.ca, dspam.nk.ca, dspam.netknow.ca, dspam.nl2k.ca, 
dspam.nl2k.ab.ca, edmontonab.ca, internetedmonton.ca, 
edmontoninternetserviceprovider.ca, internetalberta.ca, albertainternet.ca, 
albertainternetserviceprovider.ca, netknow.ca, nl2k.ca, nl2k.ab.ca, 
valid.nl2k.ab.ca, secure.nl2k.ab.ca, mail.nl2k.ab.ca, home.nl2k.ab.ca
mydomain = nk.ca
myhostname = doctor.nl2k.ab.ca
mynetworks = 204.209.81.0/24, 208.118.93.0/24, 208.118.94.0/24, 127.0.0.0/8
mynetworks_style = host
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
relay_domains = $virtual_alias_domains
relay_recipient_maps = hash:/etc/postfix/access
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_loglevel = 2
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
smtpd_data_restrictions = reject_unauth_pipelining, permit
smtpd_error_sleep_time = 0
smtpd_helo_required = yes
smtpd_recipient_restrictions = reject_invalid_hostname,
reject_non_fqdn_hostname,reject_non_fqdn_sender,
reject_non_fqdn_recipient,reject_unknown_sender_domain, 
   reject_unknown_recipient_domain,
reject_unverified_recipient,permit_mynetworks,
permit_sasl_authenticated,  reject_unauth_destination,  
  check_recipient_access pcre:/etc/postfix/recipient_checks.pcre,   
 reject_rbl_client sbl-xbl.spamhaus.org,reject_rbl_client 
zen.spamhaus.org,reject_rbl_client dnsbl.njabl.org, 
   reject_rbl_client combined.njabl.org,  reject_rbl_client 
dev.null.dk,  reject_rbl_client flowgoaway.com,   
reject_rbl_client relays.visi.com,  reject_rbl_client 
bl.spamcop.net,   reject_rbl_client 
hostkarma.junkemailfilter.com=127.0.0.2,  permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = mail.nk.ca
smtpd_sasl_path = smtpd
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/mail.nk.ca.2009.cert.pem
smtpd_tls_key_file = /etc/postfix/mail.nk.ca.2009.key.pem
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = 
btree:/var/lib/postfix/smtpd_tls_session_cache
smtpd_use_tls = yes
soft_bounce = yes
strict_rfc821_envelopes = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_domains = 
virtual_alias_maps = hash:/etc/postfix/virtual


And the master.cf is


#
# Postfix master process configuration file.  For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ==
# service type  private unpriv  chroot  wakeup  maxproc command + args
#   (yes)   (yes)   (yes)   (never) (100)
# ==
smtp  inet  n   -   n   -   -   smtpd 
-o smtpd_proxy_filter=127.0.0.1:10125
-o content_filter=amavisfeed:[120.0.0.1]:10024
##  -o cleanup_service_name=pre-cleanup

127.

Major Bug!!

[The Doctor]

Dear Wietse,

There is a bug in Postfix that should looked at immediately.

FRom 

http://groups.google.com/group/alt.comp.mail.postfix/browse_thread/thread/fa83dc31cec1194e#

In case you think I am being pompous, I am not.

Found the problem, a filter was set to 120.0.0.1 instead of 127.0.0.1 .

I thought it was fixed.

Even after 'fixing' this problem, postfix still insisted the filter
was at 120.0.0.1 .

All right I do not mind the smtp_fallback_relay , but this indicates a bug
somewhere in postfix.  

Even if told to change directions, it was still looking for the wrong server?

I tried both 2.7.0 and 2.8 experimental!

The debugging sectin help and stil we have a back up of e-mail.

PLEASE fix! 


-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance 

[mailer-dae...@doctor.nl2k.ab.ca: Postfix SMTP server: errors from mail-iw0-f172.google.com[209.85.223.172]]

[The Doctor]

First off apologies for the rather sharp tone:

A case of too many agngry customers breathing down the neck.

Anyhow I have been since recover been getting many of these:

- Forwarded message from Mail Delivery System 
 -

X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on doctor.nl2k.ab.ca
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham
version=3.3.1
X-Original-To: postmaster
Delivered-To: postmas...@doctor.nl2k.ab.ca
Date: Thu, 22 Apr 2010 14:52:20 -0600 (MDT)
From: Mail Delivery System 
To: Postmaster 
Subject: Postfix SMTP server: errors from
mail-iw0-f172.google.com[209.85.223.172]

Transcript of session follows.

 Out: 220 doctor.nl2k.ab.ca ESMTP Postfix (2.8-20100323)
 In:   mail-iw0-f172.google.com
 Out: 402 4.5.2 Error: command not recognized
 In:  HELO mail-iw0-f172.google.com
 Out: 250 doctor.nl2k.ab.ca
 In:  MAIL FROM:
 Out: 250 2.1.0 Ok
 In:  RCPT TO:
 Out: 250 2.1.5 Ok
 In:  DATA
 Out: 354 End data with .
 Out: 451 4.3.0 Error: queue file write error
 In:  QUIT
 Out: 221 2.0.0 Bye


For other details, see the local mail logfile

- End forwarded message -


And I get the customer saying :" I am getting repeated e-mails
coming through".

Questions:  Has anyone seen this happen before ?
Do you need to see my master.cf / main.cf files?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance 

Re: [mailer-dae...@doctor.nl2k.ab.ca: Postfix SMTP server: errors from mail-iw0-f172.google.com[209.85.223.172]]

[The Doctor]

On Thu, Apr 22, 2010 at 06:35:52PM -0400, Bill Cole wrote:
> The Doctor wrote, On 4/22/10 5:38 PM:
>> First off apologies for the rather sharp tone:
>>
>> A case of too many agngry customers breathing down the neck.
>>
>> Anyhow I have been since recover been getting many of these:
>>
>> - Forwarded message from Mail Delivery 
>> System  -
>>
>> X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on doctor.nl2k.ab.ca
>> X-Spam-Level:
>> X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham
>>  version=3.3.1
>> X-Original-To: postmaster
>> Delivered-To: postmas...@doctor.nl2k.ab.ca
>> Date: Thu, 22 Apr 2010 14:52:20 -0600 (MDT)
>> From: Mail Delivery System
>> To: Postmaster
>> Subject: Postfix SMTP server: errors from
>>  mail-iw0-f172.google.com[209.85.223.172]
>>
>> Transcript of session follows.
>>
>>   Out: 220 doctor.nl2k.ab.ca ESMTP Postfix (2.8-20100323)
>>   In:   mail-iw0-f172.google.com
>>   Out: 402 4.5.2 Error: command not recognized
>
> This looks like the behavior of a broken firewall playing games with 
> (E)SMTP commands. The Google client machine almost certainly said 'EHLO' 
> and something between it and Postfix decided to replace that with '' so 
> that it would back off to baseline SMTP. That alone is not necessarily 
> evil, but every example of firewalls trying that sort of intrusion into the 
> application layer of mail (most of them done by Cisco) has resulted in bad 
> breakage. That firewall may or may not be the cause of your current 
> trouble, but allowing it to do such things will cause you trouble.
>
>>   In:  HELO mail-iw0-f172.google.com
>>   Out: 250 doctor.nl2k.ab.ca
>>   In:  MAIL FROM:
>>   Out: 250 2.1.0 Ok
>>   In:  RCPT TO:
>>   Out: 250 2.1.5 Ok
>>   In:  DATA
>>   Out: 354 End data with.
>>   Out: 451 4.3.0 Error: queue file write error
>
> http://www.postfix.org/SMTPD_PROXY_README.html explains one possible source 
> of this: inability to connect to a before-queue proxy.
>
> Others include permissions and storage space issues with your queue 
> directory and various other configuration errors. What is sent back to the 
> client in this class of circumstances is documented as being "intentionally 
> vague" so you really do need to look at the log for useful info.
>

Might be the cause.

I am running amavis on 10024/5 and clamsmtp on 10125/6

>
>>   In:  QUIT
>>   Out: 221 2.0.0 Bye
>>
>>
>> For other details, see the local mail logfile
>
> You need to do that. See http://www.postfix.org/DEBUG_README.html#logging
>

Will do.

>
>> - End forwarded message -
>>
>>
>> And I get the customer saying :" I am getting repeated e-mails
>> coming through".
>
> As that session shows no message being received, it is not involved in any 
> sort of repeats.
>
>> Questions:  Has anyone seen this happen before ?
>
> A few seconds with Google could have answered that question for you.
>
> The answer I get from skimming a few results is "Yes, and it seems to be a 
> particular problem for people using Plesk." That is probably not a very 
> useful answer, but it was a very broad question.
>
>> Do you need to see my master.cf / main.cf files?
>
> See http://www.postfix.org/DEBUG_README.html#mail
>
> In general, 'postconf -n' output is better than passing along all of 
> main.cf, because it provides just the non-default configurations that 
> postfix is actually using. The uncommented lines from master.cf can 
> sometimes be helpful as well, but they can often be inferred from log 
> entries.
>
>
>
>

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance 

[mailer-dae...@doctor.nl2k.ab.ca: Postfix SMTP server: errors from idcmail-mo2no.shaw.ca[64.59.134.9]]

[The Doctor]

Just continuing

- Forwarded message from Mail Delivery System 
 -

X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on doctor.nl2k.ab.ca
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham
version=3.3.1
X-Original-To: postmaster
Delivered-To: postmas...@doctor.nl2k.ab.ca
Date: Fri, 23 Apr 2010 07:38:48 -0600 (MDT)
From: Mail Delivery System 
To: Postmaster 
Subject: Postfix SMTP server: errors from idcmail-mo2no.shaw.ca[64.59.134.9]

Transcript of session follows.

 Out: 220 doctor.nl2k.ab.ca ESMTP Postfix (2.8-20100323)
 In:   idcmail-mo2no.shaw.ca
 Out: 402 4.5.2 Error: command not recognized
 In:  HELO idcmail-mo2no.shaw.ca
 Out: 250 doctor.nl2k.ab.ca
 In:  MAIL FROM:
 Out: 250 2.1.0 Ok
 In:  RCPT TO:
 Out: 250 2.1.5 Ok
 In:  DATA
 Out: 354 End data with .
 Out: 451 4.3.0 Error: queue file write error

Session aborted, reason: lost connection

For other details, see the local mail logfile

- End forwarded message -


And from a heavily debugged log

Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: < 
idcmail-mo2no.shaw.ca[64.59.134.9]: RCPT TO:
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: extract_addr: input: 

Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: smtpd_check_addr: 
addr=recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: send attr address = 
recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: input attribute value: 
recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: rewrite_clnt: local: 
recipent -> recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: send attr address = 
recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: input attribute value: 
recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: resolve_clnt: `' -> 
`recipient' -> transp=`error' host=`User unknown in virtual alias table' 
rcpt=`recipient' flags= class=alias
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: ctable_locate: install 
entry key recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: extract_addr: in: 
, result: recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: 
reject_non_fqdn_address: recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: reject_unknown_address: 
recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: ctable_locate: move 
existing entry key recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: 
reject_unverified_address: recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: send attr address = 
recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: 
reject_unauth_destination: recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: 
permit_auth_destination: recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: ctable_locate: leave 
existing entry key recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: check_mail_access: 
recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: ctable_locate: leave 
existing entry key recipent
Apr 23 07:36:59 doctor doctor[31]: postfix/smtpd[8947]: check_access: recipent
ostfix/recipient_checks.pcre: recipent
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8947]: ctable_locate: leave 
existing entry key recipent
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8947]: maps_find: 
recipient_canonical_maps: recipent: not found
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8947]: mail_addr_find: 
recipent -> (not found)
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8947]: maps_find: 
canonical_maps: recipent: not found
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8947]: mail_addr_find: 
recipent -> (not found)
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8947]: maps_find: 
virtual_alias_maps: hash:/etc/postfix/virtual(0,lock|fold_fix): recipent = 
localrcpt
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8947]: mail_addr_find: 
recipent -> localrcpt
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8947]: > 127.0.0.1:10125: RCPT 
TO:
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8666]: < 
localhost.nl2k.ab.ca[127.0.0.1]: RCPT TO:
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8666]: extract_addr: input: 

Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8666]: smtpd_check_addr: 
addr=recipent
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8666]: send attr address = 
recipent
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8666]: input attribute value: 
recipent
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8666]: rewrite_clnt: local: 
recipent -> recipent
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8666]: send attr address = 
recipent
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8666]: input attribute value: 
recipent
Apr 23 07:37:00 doctor doctor[31]: postfix/smtpd[8666]: resolve_clnt: `' -> 
`recipent' -> transp=`error' host=`User unknown in virtual alias table' 
rcpt=`recipent' flags= class=alias
Apr 23 07:37:00 doctor doctor[31]: postfix/sm

Re: [mailer-dae...@doctor.nl2k.ab.ca: Postfix SMTP server: errors from mail-iw0-f172.google.com[209.85.223.172]]

[The Doctor]

On Thu, Apr 22, 2010 at 03:02:30PM -0700, brian moore wrote:
> On Thu, 22 Apr 2010 15:38:06 -0600
> The Doctor  wrote:
> 
> 
> >  Out: 220 doctor.nl2k.ab.ca ESMTP Postfix (2.8-20100323)
> >  In:   mail-iw0-f172.google.com
> >  Out: 402 4.5.2 Error: command not recognized
> 
>  is not a valid SMTP/ESMTP command.
> 
> Are you using a Pix?
>

No.
 
> 
> >  Out: 451 4.3.0 Error: queue file write error
> 
> I believe that will show up in an SMTP (ie, not ESMTP) session
> where the SIZE attribute is neither specified nor read from the ESMTP
> response.
> 
> Ie, "send a file larger than the max size and don't bother telling
> the receiver 'oh, yeah, here comes a 20M file' first."
> 
> The ESMTP response (which would be seen if the  was EHLO) tells the
> maximum message size, and ESMTP also allows for a SIZE= parameter on
> the MAIL FROM: as a sort of 'warning' to the receiver as well.
> 
> Google -does- usually use ESMTP, so it really looks like you have a
> Pix running SMTP Fixup, which doesn't fix anything at all.

I do not use a Pix.


-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance 

Re: WHAT IS "probe" Mail Delivery Status Report

[The Doctor]

On Sat, Apr 24, 2010 at 11:48:16AM -0400, Wietse Venema wrote:
> Stan Hoeppner:
> > Wietse Venema put forth on 4/24/2010 8:39 AM:
> > 
> > > - Your mail server is suffering from 100x red-shift due to the
> > >   rapid expansion of the universe.
> > > 
> > > Sending Postfix off into space to study time dilation effects, that
> > > is an option that I haven't considered before.
> > 
> > I deleted a very similar comment from my last email regarding "The Doctor's"
> > time issues.  My humor has been falling flat lately, so I err'd on the side
> > of omission. ;)
> 
> Humor is OK provided that the receiving end does not feel ridiculed.
> That is of course subject to cultural differences, but there are
> ways make the intent clear.
> 
> In this case, I made my joke the end of a list of more serious
> explanations for the observed delays. That should make clear that
> the intent was to help with a smile, not to ridicule.
> 
> Finally, I would appreciate it if you refrain from munging the
> Subject: line when responding to this mailing list. Do not prepend
> [pfx] tags, and do not post follow-ups without Re: prefix.  I don't
> care what you do outside this mailing list.
> 
>   Wietse


Speaking of humour, how can you support someone via e-mail
when the e-mail system seens shot?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance 

[mailer-dae...@doctor.nl2k.ab.ca: Postfix SMTP server: errors from defout.telus.net[204.209.205.55]]

[The Doctor]

You were saying about complete life cycle and non-verbose logs

- Forwarded message from Mail Delivery System 
 -

Return-Path: double-bou...@doctor.nl2k.ab.ca
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on doctor.nl2k.ab.ca
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham
version=3.3.1
X-Original-To: postmaster
Delivered-To: postmas...@doctor.nl2k.ab.ca
Received: by doctor.nl2k.ab.ca (Postfix)
id 28DAB12CFA9C; Sat, 24 Apr 2010 13:22:00 -0600 (MDT)
Date: Sat, 24 Apr 2010 13:22:00 -0600 (MDT)
From: Mail Delivery System 
To: Postmaster 
Subject: Postfix SMTP server: errors from defout.telus.net[204.209.205.55]
Message-Id: <20100424192200.28dab12cf...@doctor.nl2k.ab.ca>

Transcript of session follows.

 Out: 220 doctor.nl2k.ab.ca ESMTP Postfix (2.8-20100323)
 In:  EHLO defout.telus.net
 Out: 250-doctor.nl2k.ab.ca
 Out: 250-PIPELINING
 Out: 250-SIZE 2100
 Out: 250-ETRN
 Out: 250-STARTTLS
 Out: 250-ENHANCEDSTATUSCODES
 Out: 250-8BITMIME
 Out: 250 DSN
 In:  MAIL FROM: SIZE=5103584
 Out: 250 2.1.0 Ok
 In:  RCPT TO:
 Out: 250 2.1.5 Ok
 In:  DATA
 Out: 354 End data with .
 Out: 451 4.3.0 Error: queue file write error

Session aborted, reason: lost connection

For other details, see the local mail logfile

- End forwarded message -



And the logs

Apr 24 13:20:10 doctor doctor[31]: postfix/smtpd[17053]: 0762D12CFB0D: 
client=defout.telus.net[204.209.205.55]
Apr 24 13:20:41 doctor doctor[31]: postfix/cleanup[17311]: 0762D12CFB0D: 
message-id=<6ef179d262924e5a8c03336971544...@taskercomp>
Apr 24 13:22:04 doctor doctor[31]: postfix/qmgr[4921]: 0762D12CFB0D: 
from=, size=5104017, nrcpt=1 (queue active)
Apr 24 13:22:04 doctor clamsmtpd: 100B1C: from=sender, to=recipient, 
status=CLEAN
Apr 24 13:22:07 doctor postfix/pipe[17941]: 0762D12CFB0D: to=, 
orig_to=, relay=spamchk, delay=117, delays=115/0/0/2.9, dsn=2.0.0, 
status=sent (delivered via spamchk service)
Apr 24 13:22:07 doctor doctor[31]: postfix/qmgr[4921]: 0762D12CFB0D: removed
Apr 24 13:22:08 doctor doctor[31]: postfix/pickup[4920]: EAE1412CFA9C: uid=28 
from=
Apr 24 13:22:08 doctor doctor[31]: postfix/cleanup[17311]: EAE1412CFA9C: 
message-id=<6ef179d262924e5a8c03336971544...@taskercomp>
Apr 24 13:22:09 doctor doctor[31]: postfix/qmgr[4921]: EAE1412CFA9C: 
from=, size=5104132, nrcpt=1 (queue active)  

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance 

Re: [mailer-dae...@doctor.nl2k.ab.ca: Postfix SMTP server: errors from defout.telus.net[204.209.205.55]]

[The Doctor]

On Sat, Apr 24, 2010 at 06:36:48PM -0400, Wietse Venema wrote:
> Here is my reconstruction from this inadequate logging sample.
> 
> > Apr 24 13:20:10 doctor doctor[31]: postfix/smtpd[17053]: 0762D12CFB0D: 
> > client=defout.telus.net[204.209.205.55]
> > Apr 24 13:20:41 doctor doctor[31]: postfix/cleanup[17311]: 0762D12CFB0D: 
> > message-id=<6ef179d262924e5a8c03336971544...@taskercomp>
> 
> At 13:22:00, a different Postfix SMTPD process reports a queue file
> write error. This Postfix SMTPD process is missing from the logfile.
> Also missing is the logging for the postmaster notice delivery.
> 
> > Apr 24 13:22:04 doctor doctor[31]: postfix/qmgr[4921]: 0762D12CFB0D: 
> > from=, size=5104017, nrcpt=1 (queue active)
> > Apr 24 13:22:04 doctor clamsmtpd: 100B1C: from=sender, to=recipient, 
> > status=CLEAN
> 
> The logging shows a clamsmtpd filter, but the logging is missing
> for the process that sends the message into the clamsmtpd filter.
> 
> Let's assume that this missing process was the same missing Postfix
> SMTPD process that reported a queue file write error. That is
> admittedly optimistic, considering that you left out most of the
> relevant information.
> 
> Then, we have the following timeline:
> 
> 13:20:10 The missing Postfix SMTPD process receives a connection.
> 
> 13:20:10 The missing Postfix SMTPD process connects to a before-queue
>   filter (clamsmtpd).
> 
> 13:20:10 The before-queue filter (clamsmtpd) connects to Postfix
>   SMTPD process 17053.
> 
> 13:20:41 The before-queue filter (clamsmtpd) sends the message
>   header and perhaps the first part of the message body.
> 
> 13:22:00 The missing Postfix SMTPD process times out (smtpd_proxy_timeout)
>   and sends a postmaster notification. I already mentioned
>   that the postmaster notification is missing in the logging.
> 
> 13:22:04 The before-queue filter (clamsmtpd) finishes after two
>   and a half minute. This is long after the missing Postfix
>   SMTPD process has given up.
> 
> If this timeline is correct then you have too many body_checks
> rules, or you have a clamsmtpd setup that is taking too much time.
> 
> But it is more likely that you left out a whole lot of other
> relevant information with your selective logfile reporting.
> 
>   Wietse

Let me see if I can find the thorough transaction.

I have amavisd-ng on 10024 and clamsmtpd on 10125.

Problem is that this is not the only piece of e-mail being inspected
at that time frame.


-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance 

Repeating e-mails

[The Doctor]

Question has anyone in postfix and / or amavis ever seen
repeating e-amils with binary attachments to them?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance 

Tracing down a spammer

[The Doctor]

Tracing and tracking.

Question is:

If you suspect your web (whether www,http,httpd user )
how can you do a header check and pin where the source of 
spam is coming from?

All I need is a check that will send to local users - go ahead
and if to a massive amount of users WITHOUT a local
user REJECT as spam.

Where can I put this?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance 

Binary attachment looping messages

[The Doctor]

Symptom:  Any message with a binary attached seems
to end up looping.

Anyone here wants a sample from the logs?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance 

Re: Stopping spammers extreme

[The Doctor]

On Tue, May 04, 2010 at 12:45:19AM +0300, Appliantologist wrote:
> Hi everyone,
> 
> I had a situation where some of my users had compromised machines and
> someone is brazil and indiawere able to authorize themselves to use
> sendmail using the login then send scenario. Recently we changed
> hosting and set up postfix. In addition we decided to eliminate any
> access to our system buy email users, instead we asked them all to go
> open gmail accounts and put the corresponding address in the virtual
> file.
> 
> Now it seems the spammers are back with a vengance and still able to
> send spam. I set up the rules suggested but it seems they are simply
> using email that exist. I was hoping someone could point me to a
> solution.
> 
> 
> I would like to set up postfix so that:
> 
> It only accepts mail generated by the scripts on the server
> and
> It only accepts mail to a predefined list of email address
> 
> I tried to make a CIDR file with most of the 3rd world in it, some
> 30,000 ips but for some reason it doesn't seem to have the effect I
> was hoping for.
> Any ideas would be helpful, thanks.David

Add amavisd to your postfix.

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance 

Re: Stopping spammers extreme

[The Doctor]

On Tue, May 04, 2010 at 12:29:59PM +0300, Appliantologist wrote:
> Hi guys,
> 
> I still need to accept mail for the email addresses we host on our
> machine from the net, so blocking port 25 or mynetworks as local host
> would seem to prevent that.  we still have users on the domain that
> get mail to the address, except now we forward that mail to gmail
> using the virtual table
> 
> here is the result of postconf -n
> 
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> daemon_directory = /usr/libexec/postfix
> debug_peer_level = 2
> default_privs = apache
> disable_vrfy_command = yes
> html_directory = no
> in_flow_delay = 1s
> inet_interfaces = all
> mail_owner = postfix
> mailq_path = /usr/bin/mailq.postfix
> manpage_directory = /usr/share/man
> mydestination = $myhostname, localhost.$mydomain, localhost
> mydomain = wans-eu.com
> myhostname = wans-eu.com
> newaliases_path = /usr/bin/newaliases.postfix
> queue_directory = /var/spool/postfix
> readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
> sample_directory = /usr/share/doc/postfix-2.3.3/samples
> sendmail_path = /usr/sbin/sendmail.postfix
> setgid_group = postdrop
> smtpd_helo_restrictions = reject_invalid_hostname
> strict_rfc821_envelopes = yes
> unknown_local_recipient_reject_code = 550
> virtual_alias_domains = multiterminal.ua
> virtual_alias_maps = hash:/etc/postfix/virtual
> 
> 
> On Tue, May 4, 2010 at 2:14 AM, Terry Gilsenan
>  wrote:
> > From: owner-postfix-us...@postfix.org [owner-postfix-us...@postfix.org] On 
> > Behalf Of Appliantologist [octo...@gmail.com]
> > Sent: Tuesday, 4 May 2010 9:11 AM
> > To: Gary Smith
> > Cc: The Doctor; postfix-users@postfix.org
> > Subject: Re: Stopping spammers extreme
> >
> > Hi,
> >
> > We don't have any legitimate users sending mail aside from scripts on
> > the server (linux), only mail from localhost, anyone with an email
> > address is listed in the virtual file and has their email forwarded to
> > a gmail and uses gmail's MTA to send mail.
> >
> > Since we have all the email addresses we accept mail for in a file
> > (/etc/postfix/virtual)  I was hoping there was some way to check a) is
> > the mail from the localhost OR is the mail for an address in some
> > file.   My understanding is you can make a list of email addresses
> > that you will deliver to like a whitelist, but we also send mail from
> > scripts to outside addresses of which we don't alway know beforehand.
> >
> > I don't think I am running an open relay, I've tested it on a couple
> > of sites came back clean. I come from 20 years of sendmail, which has
> > a completely different system and we were using pop authorization,
> > until people had their password compromised and spammers took over.
> >
> > I am sure some of this is trojans so the amavisd seems like a solid
> > tool to have anyway.
> >
> > Thanks guys,
> > David
> >
> > Do this..:
> >
> > Then change mynetwokrs to be 127.0.0.1 and use a firewall to block incoming 
> > tcp on 25 and 587 it really is that simple. Dont allow services to listen 
> > to anything you dont want them to act on.
> >
> >
> >
> >
> > On Tue, May 4, 2010 at 1:49 AM, Gary Smith  wrote:
> >>> > I tried to make a CIDR file with most of the 3rd world in it, some
> >>> > 30,000 ips but for some reason it doesn't seem to have the effect I
> >>> > was hoping for.
> >>> > Any ideas would be helpful, thanks.David
> >>>
> >>> Add amavisd to your postfix.
> >>
> >> If they are relaying messages through their server, how is amavisd going 
> >> to help?  Some additional configuration details might be useful.  Are the 
> >> users authenticated?  If so, which user is sending the email?  It actually 
> >> sounds like an open relay issue.  But I'm just guessing here.
> >>
> >


Have you read the README in the amavis documentation for PostFix?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance 

[RCPT: Stopping automated emails]

[The Doctor]

- Forwarded message from   -

X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on doctor.nl2k.ab.ca
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham
version=3.3.1
X-Virus-Scanned: amavisd-new at doctor.nl2k.ab.ca
Date: Thu, 6 May 2010 10:00:55 -0400 (EDT)
Subject: Stopping automated emails
User-Agent: Alpine 2.00 (NEB 1167 2008-08-23)
X-Mailer: Alpine.BSD.0.999

I am the current holder of the email address TARGET

I believe that a prior owner of this address had services with you.
I receive hundreds of emails per month like the one forwarded below
from OFFENDER

I am requesting that you please stop sending these emails to me.
If you need to confirm authenticity, please communicate with me at
the same address: TARGET and I will reply to it.

Please help, I get more than 1,000 emails from OFFENDER
per month. I need this to stop.
Thank you

-- 
SDF Public Access UNIX System - http://sdf.lonestar.org
SDF runs on NetBSD - http://www.netbsd.org


-- Forwarded message --
Return-Path: 
Received: by doctor.nl2k.ab.ca (Postfix, from userid 51)
id E124312CFA90; Sun, 11 Apr 2010 15:07:26 -0600 (MDT)
Subject: PHPOM =>   DOWN
Message-Id: <20100411210726.e124312cf...@doctor.nl2k.ab.ca>
Date: Sun, 11 Apr 2010 15:07:26 -0600 (MDT)

d...@freeshell.org
X-Mailer:PHP/5.2.8

  DOWN

- End forwarded message -

My question is how do you stop a

From: u...@fully.qualified.dom  To: r...@other.qualified.dom

via Postfix?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance 

Postfix, Amavisd and DKIM

[The Doctor]

Just reading from amavisd docs on the how set up
DKIM and I was wondering if this section of their documentation
is correct:

Configuring multiple mail paths in Postfix

Here is one way of configuring Postfix for providing two paths through a 
content filter. Locally submitted or authenticated mail will go to a content 
filter to its port 10026 and will be signed on its way out (either by amavisd 
or by a signing milter). All other mail (incoming) will be diverted to port 
10024 for normal content filtering, and will not be eligible for signing.

main.cf:

  # on re-queueing of a message smtpd_*_restrictions do not apply,
  # so we'd better provide a safe default for a content_filter,
  # even at an expense of later flipping the choice twice
  # (which adds a bit to log clutter, but never mind)
  #
  content_filter = amavisfeed:[127.0.0.1]:10024

  # each triggered FILTER deposits its argument into a
  # content_filter setting, the last deposited value applies
  #
  smtpd_sender_restrictions =
check_sender_access regexp:/etc/postfix/tag_as_originating.re
permit_mynetworks
permit_sasl_authenticated
permit_tls_clientcerts
check_sender_access regexp:/etc/postfix/tag_as_foreign.re

  # Make sure to assign FILTER tags in restrictions which
  # are only invoked once per message, e.g. client or sender
  # restrictions, but NOT on smtpd_recipient_restrictions,
  # as a message may have multiple recipients, so multiple
  # passes through FILTER tag assignments can yield a
  # surprising (and incorrect) result.

/etc/postfix/tag_as_originating.re:

  /^/  FILTER amavisfeed:[127.0.0.1]:10026

/etc/postfix/tag_as_foreign.re:

  /^/  FILTER amavisfeed:[127.0.0.1]:10024

In master.cf set up two listening smtpd services for receiving filtered mail 
from amavisd (as per README.postfix), one on tcp port 10025 (for inbound mail) 
and the other on port 10027 (for originating mail). If a signing milter is in 
use it will be attached to a smtpd service on 10027 only. If no milters are in 
use and signing is done by amavisd, both smtpd services can have exactly the 
same settings, and in fact only one suffices, in which case redirecting 
$forward_method and $notify_method to 'smtp:[127.0.0.1]:10027' in later example 
can be disregarded.

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
Coming close to 15 years in business

Re: Virtual Domains

[The Doctor]

On Tue, Oct 12, 2010 at 10:21:26AM +1300, Jeremy Bowen wrote:
> Hi All
> 
> I'm probably missing something really obvious but I can't see what I'm
> doing wrong.
> 
> I have a server which I wish to use to host both my primary domain (eg.
> example.com) and several virtual domains (virtual1.com, virtual2.com
> etc.).
> 
> I'm running Postfix v2.3.3 on CentOS 5 (This is the latest packaged
> version
> available with CentOS)
> [Note: I've substituted the actual domain names with examples.]
> 
> 
> First up, here's the output of "postconf -n"
> ==
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> daemon_directory = /usr/libexec/postfix
> debug_peer_level = 2
> default_destination_concurrency_limit = 20
> header_checks = regexp:/etc/postfix/header_checks
> html_directory = no
> inet_interfaces = all
> local_destination_concurrency_limit = 2
> local_recipient_maps = proxy:unix:passwd.byname $alias_maps
> mail_owner = postfix
> mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
> mailq_path = /usr/bin/mailq.postfix
> manpage_directory = /usr/share/man
> mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
> myhostname = phantom.example.com
> mynetworks = 127.0.0.0/8
> mynetworks_style = host
> myorigin = $mydomain
> newaliases_path = /usr/bin/newaliases.postfix
> queue_directory = /var/spool/postfix
> readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
> relayhost =
> sample_directory = /usr/share/doc/postfix-2.3.3/samples
> sendmail_path = /usr/sbin/sendmail.postfix
> setgid_group = postdrop
> unknown_local_recipient_reject_code = 550
> virtual_alias_domains = virtual1.com virtual2.com
> virtual_alias_maps = hash:/etc/postfix/virtual
> =
> 
> my /etc/postfix/virtual file looks like this:
> @example.com  jeremy
> 
> j...@virtual1.com jane
> @virtual1.com fred
> 
> @virtual2.com bill
> 
> (Yes, these are catch-all recipes)
> 
> My problem is that email sent to some...@virtual1.com is delivered to
> jer...@example.com as per the following log entry:
> 
> Oct 12 10:04:33 phantom postfix/lmtp[9669]: 909161086FC:
> to=, orig_to=,
> relay=phantom.example.com[/var/lib/imap/socket/lmtp], delay=30,
> delays=30/0.04/0.11/0.33, dsn=2.1.5, status=sent (250 2.1.5 Ok)
> 
> I think I'm probably wrong in specifying @example.com in
> the /etc/postfix/virtual file but I'm not sure where I should define the
> valid recipients for example.com.
> 
> Should I not specify $mydomain in $mydestination and include all valid
> addresses in the virtual file or is it something more basic I'm missing.
> 
> All help greatly appreciated.
> Regards
> Jeremy


Have you done postmap /etc/postfix/virtual ?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
Are you a real human: http://www.cuttingedge.org/news/n1334.cfm

reverse the polarity of the neutron flow

[The Doctor]

Doctor Who saying in the 1970s.

What do I need to reverse.

Tried another MTA and got reports that people were not getting e-mail.

All right switch back.

Forgot that the 'sendmail' was not the correct one.

No problem, just use the postfix sendmail.

Hmm!! No mail is getting delievered.

What did I forget?
-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
Are you a real human: http://www.cuttingedge.org/news/n1334.cfm

554 errors

[The Doctor]

In my log I am seeing

Oct 16 16:06:30 doctor doctor[31]: postfix/smtpd[23000]: NOQUEUE: filter: RCPT 
from snt0-omc1-s39.snt0.hotmail.com[65.54.61.76]: : Sender address 
triggers FILTER amavisfeed:[127.0.0.1]:10026; from= 
to= proto=SMTP helo=
Oct 16 16:06:30 doctor doctor[31]: postfix/smtpd[23000]: NOQUEUE: filter: RCPT 
from snt0-omc1-s39.snt0.hotmail.com[65.54.61.76]: : Sender address 
triggers FILTER amavisfeed:[127.0.0.1]:10024; from= 
to= proto=SMTP helo=
Oct 16 16:06:30 doctor doctor[31]: postfix/smtpd[23000]: NOQUEUE: reject: RCPT 
from snt0-omc1-s39.snt0.hotmail.com[65.54.61.76]: 554 5.7.1 : 
Relay access denied; from= to= proto=SMTP 
helo=


Why is this 554 error turning up?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
Are you a real human: http://www.cuttingedge.org/news/n1334.cfm

Up and coming

[The Doctor]

What are the improvements for postfix 2.7.2 and postfix 2.8 ?
-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
Are you a real human: http://www.cuttingedge.org/news/n1334.cfm

virtual_alias_domains

[The Doctor]

REcently I have noted that virtual_alias_domains is growing.

Is their some way for main.cf to look a file up instead of
having to read a whole line?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
Are you a real human: http://www.cuttingedge.org/news/n1334.cfm

(unknown mail transport error)

[The Doctor]

I am trying to send via majordomo but yet
I do see

Dec  1 10:35:28 doctor doctor[31]: postfix/error[22238]: 371E112CFAB3: 
to=, relay=none, delay=157827, delays=157783/43/0/0.21, dsn=4.3.0, 
status=deferred (unknown mail transport error)

This is the first time I have seen this.

What can done to rectify?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
Merry Christmas 2010 and Happy New Year 2011

Re: (unknown mail transport error)

[The Doctor]

On Wed, Dec 01, 2010 at 12:47:13PM -0500, Matt Hayes wrote:
> 
> 
> On 12/1/2010 12:45 PM, The Doctor wrote:
> > I am trying to send via majordomo but yet
> > I do see
> > 
> > Dec  1 10:35:28 doctor doctor[31]: postfix/error[22238]: 371E112CFAB3: 
> > to=, relay=none, delay=157827, delays=157783/43/0/0.21, dsn=4.3.0, 
> > status=deferred (unknown mail transport error)
> > 
> > This is the first time I have seen this.
> > 
> > What can done to rectify?
> > 
> 
> 
> What's with the domain-less to= ?
> 
> -Matt

Well, I can't give everything out :-)

the list is a majord...@localhost FYI.

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
Merry Christmas 2010 and Happy New Year 2011

Best combinations

[The Doctor]

What is the best internediary for

postfix
ClamAV
Spamassassin
tnef and
Blacklisting phishers

??

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
Rudeness is the weak man's imitation of strength.  -Eric Hoffer 

Re: Best combinations

[The Doctor]

On Sun, Jun 21, 2009 at 01:53:29PM -0700, Joe Sloan wrote:
> The Doctor wrote:
>> What is the best internediary for
>>
>> postfix
>> ClamAV
>> Spamassassin
>> tnef and
>> Blacklisting phishers
>>
>>   
>
> I like maia mailguard - http://maiamailguard.com/maia/wiki
>
> It's based on amavisd-new, spamassassin, clamav, apache and mysql. We use 
> maia for 15k users at a large company near Los Angeles, along with postfix 
> rbls, sanity checks and policyd.
>
> Joe


That you.  I should say RDBMS independent.

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
Rudeness is the weak man's imitation of strength.  -Eric Hoffer 

Re: Best combinations

[The Doctor]

On Sun, Jun 21, 2009 at 05:50:27PM -0500, Noel Jones wrote:
> The Doctor wrote:
>> What is the best internediary for
>>
>> postfix
>> ClamAV
>> Spamassassin
>> tnef and
>> Blacklisting phishers
>>
>> ??
>>
>
> I like amavisd-new for interfacing postfix with spamassassin & clamav.  
> There are several unrelated projects (mostly dead) with some variation of 
> "amavis" in the name, be sure to use amavisd-new.
> http://www.ijs.si/software/amavisd/
>
> For phishing, I like the Sanesecurity addon signatures for clamav, find 
> info here:
> http://www.sanesecurity.co.uk/usage.htm
>
> Not sure what you want with tnef...
>

Tnef could be used with antiword.

>
>-- Noel Jones

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
Rudeness is the weak man's imitation of strength.  -Eric Hoffer 

Weird SASL error/warning

[The Doctor]

Right, I find in my log:

Jun 21 22:22:51 incoming postfix/smtpd[10649]: warning: smtpd_sasl_auth_enable 
is
true, but SASL support is not compiled in   


Yes I did compile as follows:


make tidy;
make makefiles CCARGS="-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DUSE_TLS 
-I/usr/contrib/include/ -I/usr/contrib/include/sasl" AUXLIBS="-ldb-4.7 
-L/usr/contrib/lib -lsasl2 -lssl -lcrypto"


What gives?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
Rudeness is the weak man's imitation of strength.  -Eric Hoffer 

Re: Postifix-v-Spamassassin BLOCK SMTP

[The Doctor]

On Tue, Jun 23, 2009 at 09:21:52AM +0100, Steve wrote:
> Silly question. Currently I have Postfix using Spamassassin as a content
> filter thus;
> 
> smtp  inet  n   -   -   -   10   smtpd
> -o content_filter=spamassassin
> ...
> spamassassin unix - n   n   -   -   pipe
> user=spamd argv=/usr/bin/spamc -f -e
> /usr/sbin/sendmail -oi -f ${sender} ${recipient}
> 
> It's nice and dandy but could this be changed to filter and reject at an
> SMTP level rather than after accepting the message? My thoughts are
> along this line;
> 
> Spamassassin is much slower in processing than Postfix and there will be
> a bottleneck
> 
> Spamassassin is a content filter and can only work *after* the LF . LF
> 
> Then to offset this;
> 
> I'm only running a small server with a few mails per minute - so it's
> not going to kill it.
> 
> I can block at SMTP level with Postfix native Body Filter.
> 
> The reason I ask is this bounce;
> 
> ...
> : host mail.varna.net[217.145.80.1] said: 550 5.7.1
> Blocked by
> SpamAssassin (in reply to end of DATA command)
> ...
> 
> I'm still discovering great things with Postfix everyday, so my
> experience is no way as good as most people here - so excuse the stupid
> question. Each day is a learning curve.


Good question sir.


I am contemplating howto use spamassassin effectively with postfix.

I look forward to the thread.

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
Rudeness is the weak man's imitation of strength.  -Eric Hoffer 

Re: Postifix-v-Spamassassin BLOCK SMTP

[The Doctor]

On Tue, Jun 23, 2009 at 03:52:15PM +0200, Ralf Hildebrandt wrote:
> * The Doctor :
> 
> > I am contemplating howto use spamassassin effectively with postfix.
> 
> Usually we use amavisd-new


I tried runing amavisd but it is running into weird errors.

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
Rudeness is the weak man's imitation of strength.  -Eric Hoffer 

Re: Postifix-v-Spamassassin BLOCK SMTP

[The Doctor]

On Tue, Jun 23, 2009 at 08:08:40PM +0200, Ralf Hildebrandt wrote:
> * The Doctor :
> 
> > I tried runing amavisd but it is running into weird errors.
> 
> It's the wrong list here, but usually one shows the errors and is
> being helped :)


Anyway to use the spamassassin headers to reject mail
instead of using amavisd?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
Rudeness is the weak man's imitation of strength.  -Eric Hoffer 

Need a resolution to a weird error

[The Doctor]

Looks as if postifx will not send to mailbox
which has close to 50M in the mailbox.

Can this be overriden?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
Rudeness is the weak man's imitation of strength.  -Eric Hoffer 

Re: Need a resolution to a weird error

[The Doctor]

On Tue, Jun 23, 2009 at 09:02:19PM -0700, Evan Platt wrote:
> At 08:54 PM 6/23/2009, you wrote:
>> Looks as if postifx will not send to mailbox
>> which has close to 50M in the mailbox.
>>
>> Can this be overriden?
>
> http://www.postfix.org/postconf.5.html
>
> mailbox_size_limit (default: 5120)
>
> The maximal size of any local(8) 
> individual mailbox or maildir file, or zero (no limit). In fact, this 
> limits the size of any file that is written to upon local delivery, 
> including files written by external commands that are executed by the 
> local(8) delivery agent.
>
> This limit must not be smaller than the message size limit.
>
> Or am I misunderstanding ? 

Thank you taht is what I was after.

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
Rudeness is the weak man's imitation of strength.  -Eric Hoffer 

Getting better

[The Doctor]

Right

1) Upgraded to postfix 2.7 20090607 release

and no error message in SASL, YAY!!!


However,

Jul  2 20:38:57 doctor doctor[31]: postfix/smtpd[6175]: warning: milter 
unix:/var/run/milter/milter-clamc.socket: can't read SMFIC_OPTNEG reply packet 
header: Broken pipe
Jul  2 20:38:57 doctor doctor[31]: postfix/smtpd[6175]: warning: milter 
unix:/var/run/milter/milter-clamc.socket: read error in initial handshake


Why?
-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
The fool says in his heart, "There is no God". They are corrupt, and their ways 
are vile; there is no one who does good. - Ps 53:1

Secondary Servers

[The Doctor]

I seem to be have fun with a secondary server Issue.

1)  Telling root to go to another user ends up going 
to the other user on the primary server.  Huh?  Why is that?

2)  I have compiple SASL but cannot get it run properly despite matching
my ns1 record and adjusting it accordingly?

Any suggestions?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
The fool says in his heart, "There is no God". They are corrupt, and their ways 
are vile; there is no one who does good. - Ps 53:1

milter_header_checks

[The Doctor]

Where is the postfix 2.7-20090607 can this be found?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
The fool says in his heart, "There is no God". They are corrupt, and their ways 
are vile; there is no one who does good. - Ps 53:1

Re: milter_header_checks

[The Doctor]

On Mon, Jul 06, 2009 at 12:32:53AM -0400, Sahil Tandon wrote:
> On Sun, 05 Jul 2009, The Doctor wrote:
> 
> > Where is the postfix 2.7-20090607 can this be found?
> 
> milter_header_checks was introduced in snapshot 20090606, and revised in
> 20090607.  To download Postfix releases (snapshot, experimental, or
> non-production), go to one of the mirrors:
> http://www.postfix.org/download.html
> 
> -- 
> Sahil Tandon 


Sorry I meant where in the docs as I got the 20090607 snapshot.

Works better for BSD and SASL.

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
The fool says in his heart, "There is no God". They are corrupt, and their ways 
are vile; there is no one who does good. - Ps 53:1

Secondary Server

[The Doctor]

Right, Primary server So far so good.

Secondary server,

Everyting I set root to a localhost alias

postfix wants to send to the primary server.

Huh?  Why is postfix overriding localhost?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
The fool says in his heart, "There is no God". They are corrupt, and their ways 
are vile; there is no one who does good. - Ps 53:1

Re: Secondary Server

[The Doctor]

On Tue, Jul 07, 2009 at 07:04:57AM +0200, Benny Pedersen wrote:
> 
> On Tue, July 7, 2009 07:00, The Doctor wrote:
> 
> > Huh?  Why is postfix overriding localhost?
> 
> postconf -n
> 
> none have so far as i know a working crystall ball :)
> 
> -- 
> xpoint

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
cyrus_sasl_config_path = /usr/contrib/lib/sasl2/
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debug_peer_list = nk.ca
default_destination_concurrency_limit = 20
disable_vrfy_command = yes
fast_flush_domains = $relay_domains, nk.ca
hash_queue_names = " " defer deferred
html_directory = /var/www/docs/postfix/
in_flow_delay = 1s
inet_interfaces = $myhostname, localhost
local_destination_concurrency_limit = 2
local_recipient_maps = unix:passwd.byname $alias_maps
local_transport = local
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command = /usr/bin/procmail
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, smtp.$mydomain, 
ns2.$mydomain
mydomain = nk.ca
myhostname = gallifrey.nk.ca
mynetworks = 204.209.81.0/24, 208.118.93.0/24, 208.118.94.0/24, 127.0.0.0/8
mynetworks_style = host
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
relay_domains = $mydestination
relay_recipient_maps = hash:/etc/postfix/relay_recipients
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_loglevel = 2
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
smtpd_data_restrictions = reject_unauth_pipelining, permit
smtpd_error_sleep_time = 0
smtpd_helo_required = yes
smtpd_recipient_restrictions = reject_invalid_hostname,
reject_non_fqdn_sender,reject_non_fqdn_recipient,
reject_unknown_sender_domain,reject_unknown_recipient_domain,   
 reject_unverified_recipient,permit_mynetworks,
permit_sasl_authenticated,reject_unauth_destination,
check_recipient_access pcre:/etc/postfix/recipient_checks.pcre,
reject_rbl_client sbl-xbl.spamhaus.org,reject_rbl_client 
dnsbl.njabl.org,reject_rbl_client
 combined.njabl.org,reject_rbl_client blackholes.uceb.org,
  reject_rbl_client dev.null.dk,reject_rbl_client flowgoaway.com,
 reject_rbl_client relays.visi.com,permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = smtp.nk.ca
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/smtp.nk.ca.2009.cert.pem
smtpd_tls_key_file = /etc/postfix/smtp.nk.ca.2009.key.pem
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = 
btree:/var/lib/postfix/smtpd_tls_session_cache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550  
-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
The fool says in his heart, "There is no God". They are corrupt, and their ways 
are vile; there is no one who does good. - Ps 53:1

Re: Secondary Server

[The Doctor]

On Tue, Jul 07, 2009 at 11:20:56PM +0200, Benny Pedersen wrote:
> 
> On Tue, July 7, 2009 07:25, The Doctor wrote:
> > On Tue, Jul 07, 2009 at 07:04:57AM +0200, Benny Pedersen wrote:
> >>
> >> On Tue, July 7, 2009 07:00, The Doctor wrote:
> >>
> >> > Huh?  Why is postfix overriding localhost?
> >>
> >> postconf -n
> >>
> >> none have so far as i know a working crystall ball :)
> >>
> >> --
> >> xpoint
> >
> > alias_database = hash:/etc/aliases
> > alias_maps = hash:/etc/aliases
> > broken_sasl_auth_clients = yes
> > command_directory = /usr/sbin
> > config_directory = /etc/postfix
> > cyrus_sasl_config_path = /usr/contrib/lib/sasl2/
> > daemon_directory = /usr/libexec/postfix
> > data_directory = /var/lib/postfix
> > debug_peer_level = 2
> > debug_peer_list = nk.ca
> > default_destination_concurrency_limit = 20
> > disable_vrfy_command = yes
> > fast_flush_domains = $relay_domains, nk.ca
> > hash_queue_names = " " defer deferred
> > html_directory = /var/www/docs/postfix/
> > in_flow_delay = 1s
> > inet_interfaces = $myhostname, localhost
> 
> what ?
> 
> > local_destination_concurrency_limit = 2
> > local_recipient_maps = unix:passwd.byname $alias_maps
> > local_transport = local
> > mail_owner = postfix
> > mail_spool_directory = /var/mail
> > mailbox_command = /usr/bin/procmail
> > mailq_path = /usr/bin/mailq
> > manpage_directory = /usr/share/man
> > mydestination = $myhostname, localhost.$mydomain, localhost, 
> > smtp.$mydomain, ns2.$mydomain
> > mydomain = nk.ca
> > myhostname = gallifrey.nk.ca
> > mynetworks = 204.209.81.0/24, 208.118.93.0/24, 208.118.94.0/24, 127.0.0.0/8
> > mynetworks_style = host
> > myorigin = $myhostname
> > newaliases_path = /usr/bin/newaliases
> > queue_directory = /var/spool/postfix
> > readme_directory = no
> > relay_domains = $mydestination
> 
> mix of local domains and backup domains is bad
> 
> > relay_recipient_maps = hash:/etc/postfix/relay_recipients
> > sample_directory = /etc/postfix
> > sendmail_path = /usr/sbin/sendmail
> > setgid_group = postdrop
> > smtp_tls_CAfile = /etc/postfix/cacert.pem
> > smtp_tls_loglevel = 2
> > smtp_tls_security_level = may
> > smtp_tls_session_cache_database = 
> > btree:/var/lib/postfix/smtp_tls_session_cache
> > smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
> > smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
> > smtpd_data_restrictions = reject_unauth_pipelining, permit
> > smtpd_error_sleep_time = 0
> > smtpd_helo_required = yes
> > smtpd_recipient_restrictions = reject_invalid_hostname,
> > reject_non_fqdn_sender,reject_non_fqdn_recipient,
> >  reject_unknown_sender_domain,
> > reject_unknown_recipient_domain,reject_unverified_recipient,
> >permit_mynetworks,permit_sasl_authenticated,
> > reject_unauth_destination,
> > check_recipient_access pcre:/etc/postfix/recipient_checks.pcre,
> > reject_rbl_client sbl-xbl.spamhaus.org,
> > reject_rbl_client dnsbl.njabl.org,reject_rbl_client
> >  combined.njabl.org,reject_rbl_client blackholes.uceb.org,
> >   reject_rbl_client dev.null.dk,reject_rbl_client 
> > flowgoaway.com,
> >  reject_rbl_client relays.visi.com,permit
> > smtpd_sasl_auth_enable = yes
> > smtpd_sasl_local_domain = smtp.nk.ca
> > smtpd_sasl_path = smtpd
> > smtpd_sasl_security_options = noanonymous
> > smtpd_tls_CAfile = /etc/postfix/cacert.pem
> > smtpd_tls_auth_only = yes
> > smtpd_tls_cert_file = /etc/postfix/smtp.nk.ca.2009.cert.pem
> > smtpd_tls_key_file = /etc/postfix/smtp.nk.ca.2009.key.pem
> > smtpd_tls_received_header = yes
> > smtpd_tls_security_level = may
> > smtpd_tls_session_cache_database = 
> > btree:/var/lib/postfix/smtpd_tls_session_cache
> > smtpd_use_tls = yes
> > tls_random_source = dev:/dev/urandom
> > transport_maps = hash:/etc/postfix/transport
> 
> transport for what ?

Local and SMTP

> 
> > unknown_local_recipient_reject_code = 550
> 
> try simplify it, for me its complicated to see whats wrong and what you want

Would you like the /etc/postfix/transport file?

> 
> --
> xpoint

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
The fool says in his heart, "There is no God". They are corrupt, and their ways 
are vile; there is no one who does good. - Ps 53:1

Preventing www@ abuse

[The Doctor]

Get a turkey that seems to be doing a 302 redicrecting
and using www@ to 'frame' the point.


Any way of locking down the use of the www to just webforms on the
local web server?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
The fool says in his heart, "There is no God". They are corrupt, and their ways 
are vile; there is no one who does good. - Ps 53:1

Xserve running Mac OS X

[The Doctor]

Right I have the following colocated box with
the following configuration:


$postconf -n
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
enable_server_options = yes
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Mailbox
html_directory = no
local_recipient_maps = unix:passwd.byname $alias_maps
mail_owner = _postfix
mailbox_command = /usr/bin/procmail
mailbox_size_limit = 0
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
message_size_limit = 1048576000
mydestination = 
$myhostname,localhost.$mydomain,localhost,$mydomain,mail.$mydomain,www.$mydomain,ftp.$mydomain
mydomain = vstudios.ca
mydomain_fallback = localhost
myhostname = mail.vstudios.ca
mynetworks = 204.209.81.19/32, 127.0.0.0/8, 208.118.93.0/24
newaliases_path = /usr/bin/newaliases
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
relayhost = $mydomain
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = _postdrop
smtpd_enforce_tls = no
smtpd_pw_server_security_options = login,plain
smtpd_recipient_restrictions = 
permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,permit
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/certificates/Default.crt
smtpd_tls_key_file = /etc/certificates/Default.key
smtpd_use_pw_server = yes
smtpd_use_tls = yes
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_domains = innovationsmusic.com visionarycollege.ab.ca 
visionaryentertainment.ca camprockstar.ca futuresfest.com muse-musicunites.com
virtual_alias_maps = hash:/etc/mail/virtual  


The DNS are pointing to this box as MX and when I do a local
test, no log nor delivery is 
taking place.

What do I need to fix?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
The fool says in his heart, "There is no God". They are corrupt, and their ways 
are vile; there is no one who does good. - Ps 53:1

Re: Xserve running Mac OS X

[The Doctor]

On Thu, Aug 20, 2009 at 12:57:24AM +0200, Victoriano Giralt wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> The Doctor escribió:
> | Right I have the following colocated box with
> | the following configuration:
>
> 8<-8<
> removed extra info
> 8<-8<
> | mydomain = vstudios.ca
> | mydomain_fallback = localhost
> | myhostname = mail.vstudios.ca
> 8<-8<
> more noise
> 8<-8<
>
> | The DNS are pointing to this box as MX and when I do a local
> | test, no log nor delivery is
> | taking place.
> |
> | What do I need to fix?
> |
> Probably the connection to the machine:
> ;; QUESTION SECTION:
> ;visionaryentertainment.ca. IN  MX
>
> ;; ANSWER SECTION:
> visionaryentertainment.ca. 3600 IN  MX  5 mail.vstudios.ca.
> visionaryentertainment.ca. 3600 IN  MX  10 doctor.nl2k.ab.ca.
>
> ;; AUTHORITY SECTION:
> visionaryentertainment.ca. 3600 IN  NS  ns2.nl2k.ab.ca.
> visionaryentertainment.ca. 3600 IN  NS  doctor.nl2k.ab.ca.
>
> Then:
> [...@atila ~]$ telnet mail.vstudios.ca 25
> Trying 69.42.58.100...
> Connected to mail.vstudios.ca (69.42.58.100).
> Escape character is '^]'.
> 220-hp10.hostpapa.com ESMTP Exim 4.69 #1 Wed, 19 Aug 2009 18:53:44 -0400
> 220-We do not authorize the use of this system to transport unsolicited,
> 220 and/or bulk e-mail.
> quit
> 221 hp10.hostpapa.com closing connection
> Connection closed by foreign host.
>
> That is clearly not Postfix, or it is very well disguised  :)
>

Right, on the Xserve that will be vstudios.ca we have


mail.vstudios.ca 25
Trying 204.209.81.19...
Connected to mail.vstudios.ca.
Escape character is '^]'.
220 mail.vstudios.ca ESMTP Postfix


> - --
> Victoriano Giralt
> Systems Manager
> Central ICT Services
> University of Malaga
> SPAIN
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.5 (GNU/Linux)
> Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org
>
> iD8DBQFKjINSV6+mDjj1PTgRAjqKAJsFf/vCYDB82EwU52mXvoAQCEqEnwCfco/O
> EiQ7gOCql0nYRlEJ6IHbP1I=
> =1tX3
> -END PGP SIGNATURE-

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
The fool says in his heart, "There is no God". They are corrupt, and their ways 
are vile; there is no one who does good. - Ps 53:1

Re: Xserve running Mac OS X

[The Doctor]

On Thu, Aug 20, 2009 at 10:38:42AM -0400, Brian Evans - Postfix List wrote:
> The Doctor wrote:
> > Right I have the following colocated box with
> > the following configuration:
> >
> >
> > $postconf -n
> >
> > mailbox_command = /usr/bin/procmail
> > mailbox_transport = cyrus
> >   
> 
> mailbox_transport takes precidence over mailbox_command.. so procmail is
> never called by Postfix
> 
> > relayhost = $mydomain
> >   
> Remove this.  It may cause mail loops.
> It's purpose is the default, next-hop destination of mail NOT meant for
> your machine.
> > The DNS are pointing to this box as MX and when I do a local
> > test, no log nor delivery is 
> > taking place.
> >
> > What do I need to fix?
> >
> >   
> 
> Logging is done by your system via syslog calls.
> Postfix does not log directly.
> 
> Without logs, we cannot tell what is going on.

One moment I got:

tail /var/log/mail.log
Aug 20 21:44:28 Xserve-002436F349EE postfix/postfix-script[57707]: fatal: the 
Postfix mail system is not running
Aug 20 21:44:31 Xserve-002436F349EE postfix/postfix-script[57710]: fatal: the 
Postfix mail system is not running
Aug 20 21:44:31 Xserve-002436F349EE postfix/postfix-script[57713]: fatal: the 
Postfix mail system is not running
Aug 20 21:44:32 Xserve-002436F349EE postfix/postfix-script[57716]: fatal: the 
Postfix mail system is not running
Aug 20 21:44:34 Xserve-002436F349EE postfix/postfix-script[57718]: fatal: 
usage: postfix start (or stop, reload, abort, flush, check, set-permissions, 
upgrade-configuration)
Aug 20 21:44:37 Xserve-002436F349EE postfix/master[57766]: fatal: open lock 
file pid/master.pid: unable to set exclusive lock: Resource temporarily 
unavailable
Aug 20 21:44:47 Xserve-002436F349EE postfix/master[57768]: fatal: open lock 
file pid/master.pid: unable to set exclusive lock: Resource temporarily 
unavailable
Aug 20 21:44:57 Xserve-002436F349EE postfix/master[57779]: fatal: open lock 
file pid/master.pid: unable to set exclusive lock: Resource temporarily 
unavailable
Aug 20 21:45:07 Xserve-002436F349EE postfix/master[57782]: fatal: open lock 
file pid/master.pid: unable to set exclusive lock: Resource temporarily 
unavailable 

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca
Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising!
Never Satan President Republic!
The fool says in his heart, "There is no God". They are corrupt, and their ways 
are vile; there is no one who does good. - Ps 53:1

Errors from the Xserve

[The Doctor]

postconf -n 

command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
enable_server_options = yes
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Mailbox
html_directory = no
local_recipient_maps = unix:passwd.byname $alias_maps
mail_owner = _postfix
mailbox_command = /usr/bin/procmail
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
message_size_limit = 1048576000
mydestination = 
$myhostname,localhost.$mydomain,localhost,$mydomain,mail.$mydomain,www.$mydomain,ftp.$mydomain
mydomain = vstudios.ca
mydomain_fallback = localhost
myhostname = mail.vstudios.ca
mynetworks = 204.209.81.19/32, 127.0.0.0/8, 208.118.93.0/24
newaliases_path = /usr/bin/newaliases
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = _postdrop
smtpd_enforce_tls = no
smtpd_pw_server_security_options = login,plain
smtpd_recipient_restrictions = 
permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,permit
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/certificates/Default.crt
smtpd_tls_key_file = /etc/certificates/Default.key
smtpd_use_pw_server = yes
smtpd_use_tls = yes
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_domains = innovationsmusic.com visionarycollege.ab.ca 
visionaryentertainment.ca camprockstar.ca futuresfest.com muse-musicunites.com
virtual_alias_maps = hash:/etc/mail/virtual

Here is the mail.log from that server

Aug 21 15:08:15 Xserve-002436F349EE postfix/master[78438]: fatal: open lock 
file pid/master.pid: unable to set exclusive lock: Resource temporarily 
unavailable
Aug 21 15:08:25 Xserve-002436F349EE postfix/master[78439]: fatal: open lock 
file pid/master.pid: unable to set exclusive lock: Resource temporarily 
unavailable
Aug 21 15:08:35 Xserve-002436F349EE postfix/master[78440]: fatal: open lock 
file pid/master.pid: unable to set exclusive lock: Resource temporarily 
unavailable
Aug 21 15:08:45 Xserve-002436F349EE postfix/master[78441]: fatal: open lock 
file pid/master.pid: unable to set exclusive lock: Resource temporarily 
unavailable
Aug 21 15:08:55 Xserve-002436F349EE postfix/master[78447]: fatal: open lock 
file pid/master.pid: unable to set exclusive lock: Resource temporarily 
unavailable
Aug 21 15:09:05 Xserve-002436F349EE postfix/master[78449]: fatal: open lock 
file pid/master.pid: unable to set exclusive lock: Resource temporarily 
unavailable
Aug 21 15:09:15 Xserve-002436F349EE postfix/master[78471]: fatal: open lock 
file pid/master.pid: unable to set exclusive lock: Resource temporarily 
unavailable
Aug 21 15:09:25 Xserve-002436F349EE postfix/master[78499]: fatal: open lock 
file pid/master.pid: unable to set exclusive lock: Resource temporarily 
unavailable
Aug 21 15:09:35 Xserve-002436F349EE postfix/master[78500]: fatal: open lock 
file pid/master.pid: unable to set exclusive lock: Resource temporarily 
unavailable
Aug 21 15:09:45 Xserve-002436F349EE postfix/master[78501]: fatal: open lock 
file pid/master.pid: unable to set exclusive lock: Resource temporarily 
unavailable 

And here is wht the PRimary DNS server is seeing


Aug 21 03:16:25 doctor postfix/smtp[6746]: 6D8BA12CFAD3: 
to=, relay=mail.vstudios.ca[204.209.81.19]:25, 
delay=0.19, delays=0.01/0.04/0.13/0.01, dsn=5.1.1, status=undeliverable (host 
mail.vstudios.ca[204.209.81.19] said: 550 5.1.1 : 
Recipient address rejected: User unknown in virtual alias table (in reply to 
RCPT TO command))
Aug 21 03:18:10 doctor postfix/smtp[6737]: 2F09E12CFAD4: 
to=, relay=mail.vstudios.ca[204.209.81.19]:25, 
delay=0.13, delays=0.01/0.01/0.11/0.01, dsn=5.1.1, status=undeliverable (host 
mail.vstudios.ca[204.209.81.19] said: 550 5.1.1 : 
Recipient address rejected: User unknown in virtual alias table (in reply to 
RCPT TO command))
Aug 21 07:03:24 doctor postfix/smtp[16638]: C2D3712CFAD3: 
to=, relay=mail.vstudios.ca[204.209.81.19]:25, 
delay=0.24, delays=0.05/0/0.18/0.01, dsn=5.1.1, status=undeliverable (host 
mail.vstudios.ca[204.209.81.19] said: 550 5.1.1 : 
Recipient address rejected: User unknown in virtual alias table (in reply to 
RCPT TO command))
Aug 21 07:21:57 doctor postfix/smtp[20043]: 4EC5612CFAD3: 
to=, relay=mail.vstudios.ca[204.209.81.19]:25, 
delay=0.16, delays=0.01/0/0.14/0.01, dsn=5.1.1, status=undeliverable (host 
mail.vstudios.ca[204.209.81.19] said: 550 5.1.1 : 
Recipient address rejected: User unknown in virtual alias table (in reply to 
RCPT TO command))
Aug 21 07:44:35 doctor postfix/smtp[24057]: 4246D12CFAD3: 
to=, relay=mail.vstudios.ca[204.209.81.19]:25, 
delay=0.2, delays=0.03/0.04/0.13/0.01, dsn=5.1.1, status=undeliverable (host 
mail.vstudios.ca[204.209.81.19] said: 550 5.1.1 : 
Recipient address rejected: User unknown in virtual alias ta

One domain seems to be getting null envelopes

[The Doctor]

I have set everything up as per normal but
one customer on one domain reports all mail coming in blank.

What should I be looking for?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.myspace.com/502748630 
Merry Christmas 2009 and Happy New Year 2010

Limited a user to 1 e-mail per minute

[The Doctor]

Is there a way to rate limit what a user can send?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.myspace.com/502748630 
Merry Christmas 2009 and Happy New Year 2010

One domain report e-mails not getting through

[The Doctor]

People are sending to a name domain and yet most of their suppliers
are getting bouncing stating error in domain.

I check the DNS record and the MX is correct.

The virtual and the amin.cf files are also correct.

Where else sould I look?
-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.myspace.com/502748630 
Merry Christmas 2009 and Happy New Year 2010

Re: The future of SMTP ?

[The Doctor]

On Mon, Mar 14, 2011 at 07:19:21AM -0400, Curtis Maurand wrote:
> 
> 
> 
> I would argue that its partially Microsoft's fault for allowing
> scripts in email or from web pages to have access to anything on your
> machine outside of the message viewer or the browser.  ActiveX is not
> your friend in these cases.
> 
> --Curtis
> 
> Dennis Carr
> wrote:
> > On Sun, 13 Mar 2011, Frank Bonnet wrote:
> > 
> >> But to fight spam and all other malicious
> >>
> problems it's getting more and more sophisticated
> >> and
> complex to configure every day.
> >> It is not a criticism it is
> a fact that jump
> >> to every sysadmin's face.
> > 
> >> Does anyone has knowing of the future of SMTP ?
> >>
> Is there some project to replace it by some
> >> more secure
> protocol ?
> > 
> > I, too, would have to say "no"
> to this one.
> > 
> > SMTP is used largely because it has
> worked since the standard was
> > implemented with RFC 822 back
> nearly 30 years ago and it still works, for
> > all intents, and in
> fact does exactly what it says on the tin.  So it's
> > not SMTP
> that's broken, it's pretty much a) the end users who allow their
> >
> machines to be zombied as a result of not exercising proper security
> > practices, and b) the scumbags who actually generate the crap.
> > 
> > The best we can really do is implement the spam blocks
> for receiving,
> > unfortunately, and continue the usual practices:
> SPF implementations, the
> > varying blacklists, etc.
> > 
> > -Dennis
> > 
> > 
> >


Overall M$ is not your friend with its regressive policies on technology.

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
Now is the time time to declare your allegiance!

[4exposure...@gmail.com: Fwd: Delivery Status Notification (Failure)]

[The Doctor]

- Forwarded message from User  -

X-Original-To: postmas...@doctor.nl2k.ab.ca
Delivered-To: postmas...@doctor.nl2k.ab.ca
X-Virus-Scanned: amavisd-new at doctor.nl2k.ab.ca
Authentication-Results: doctor.nl2k.ab.ca (amavisd-new); dkim=pass
header.i=@gmail.com
Authentication-Results: doctor.nl2k.ab.ca (amavisd-new); domainkeys=pass
header.from=4exposure...@gmail.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=gamma;
h=domainkey-signature:mime-version:in-reply-to:references:date
:message-id:subject:from:to:content-type;
bh=0CzPpPHymzuAUP404uyZk1DAaLRN687Q/0hEuCwvkQk=;
b=uRmJgTcRSoqu8oEDAgrsJg7Bp70zPxNnEms9FqnuVBo8OnYuoUjlSbOwVP4MMnaBjU
gPijvDzeuJ4LLnj7LVpEOxa4u4F4s4C8pgS6sbSbMDFPzPcJaPaAtKOgg5xSz7xxukPB
PVleeL0qo8094MH73ticaTudsBRDSx3gN91Dw=
DomainKey-Signature: a=rsa-sha1; c=nofws;
d=gmail.com; s=gamma;
h=mime-version:in-reply-to:references:date:message-id:subject:from:to
:content-type;
b=VhClwp8WAMFGSGOT1Dq7qm+GmYlnZ0uAM0fUeRnpzH04kl6NLlXDl4OXq1Qtht8g6S
u0jMTemKhz+MVW+GklqNEjxXBe7X55Hl0e4FfbUV4jjoim2sM0my8845Xucgi3iizGKx
4f9nBIuLH7XYppw9r5X86tRuSjZ15KyHdRGo8=
In-Reply-To: <001636e0a98b22ec89049fcaa...@google.com>
Date: Thu, 31 Mar 2011 11:35:29 -0600
Subject: Fwd: Delivery Status Notification (Failure)
From: user 
To: "Me" 
X-Sanitizer: This message has been sanitized!
X-Sanitizer-URL: http://mailtools.anomy.net/
X-Sanitizer-Rev: $Id: Sanitizer.pm,v 1.94 2006/01/02 16:43:10 bre Exp $

-- Forwarded message --
From: Mail Delivery Subsystem 
Date: Thu, Mar 31, 2011 at 11:32 AM
Subject: Delivery Status Notification (Failure)
To: u...@virt.dom.here


Delivery to the following recipient failed permanently:

root@n1

Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the recipient
domain. We recommend contacting the other email provider for further
information about the cause of this error. The error that the other server
returned was: 535 535 5.7.8 Error: authentication failed: generic failure
(SMTP AUTH failed with the remote server) (state 8).

- - Original message -

MIME-Version: 1.0
Received: by 10.142.56.18 with SMTP id e18mr317852wfa.122.1301592776704;
Thu,
 31 Mar 2011 10:32:56 -0700 (PDT)
Reply-To: user@virtual
Received: by 10.142.240.9 with HTTP; Thu, 31 Mar 2011 10:32:56 -0700 (PDT)
Date: Thu, 31 Mar 2011 11:32:56 -0600
Message-ID: 
Subject: test
From: user 
To: "Me" 
Content-Type: multipart/alternative; boundary=001636e0a98b190181049fcaaf39

- --
< Sigs supressed>

- End forwarded message -


Loooks as if gmail is trying to autheticate against the postfix
server and failing.

What is not happening?

do you need the main.cf and master.cf ? What relevant info is needed?



-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
Hey!! Hey!! ho!! Ho!! Lying Stephen Harper has got to go! on 2 May 2011 vote 
Harper out!

Checking on a system user

[The Doctor]

I suspect my web user is sending spam out.

Only Postfix is stopping this.

How can I check to see
1) who is using the web user to send mail

and
2) by what script

?
-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
IT is done!  http://groups.google.com/group/rec.arts.drwho/about

Always check for irregular mail usage of your mail server

[The Doctor]

http://www.nk.ca/blog/index.php?/archives/1275-Phishing-spam-mail-script-intercepted.html

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
https://www.fullyfollow.me/rootnl2k
Ontario, Nfld, and Manitoba boot the extremists out and vote Liberal!

Postfix 2.8 + and Berkerley DB > 4.7

[The Doctor]

Any issues with Berkeley DB > 4.7 with current Postfix ?
-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist 
rising! 
https://www.fullyfollow.me/rootnl2k
Birthdate : 29 Jan 1969 Croydon, Surrey, UK

Re: OpenSSL 1.0.1 workaround: Postfix 2.9.2, 2.8.10, 2.7.9, and 2.6.15

[The Doctor]

On Tue, Apr 24, 2012 at 05:01:29PM -0400, Wietse Venema wrote:
> [An on-line version of this announcement will be available at
> http://www.postfix.org/announcements/postfix-2.9.2.html]
> 
> Postfix stable release 2.9.2, and legacy releases 2.8.10, 2.7.9,
> 2.6.15 are available. They contains workarounds that are already
> part of Postfix 2.10.
> 
> These releases add support to turn off the TLSv1.1 and TLSv1.2
> protocols. Introduced with OpenSSL version 1.0.1, these protocols
> are known to cause inter-operability problems, for example with
> some hotmail services.
> 
> The radical workaround is to temporarily turn off problematic
> protocols globally:
> 
> /etc/postfix/main.cf:
> smtp_tls_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
> smtp_tls_mandatory_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
> 
> smtpd_tls_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
> smtpd_tls_mandatory_protocols = !SSLv2, !TLSv1.1, !TLSv1.2
> 
> However, it may be better to temporarily turn off problematic
> protocols for broken sites only:
> 
> /etc/postfix/main.cf:
> smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
> 
> /etc/postfix/tls_policy:
> example.com may protocols=!SSLv2:!TLSv1.1:!TLSv1.2
> 
> Notes:
> 
>   * Note the use of ":" instead of comma or space. Also, note that
> there is NO space around the "=" in "protocols=".
> 
>   * The smtp_tls_policy_maps lookup key must match the "next-hop"
> destination that is given to the Postfix SMTP client. If you
> override the next-hop destination with transport_maps, relayhost,
> sender_dependent_relayhost_maps, or otherwise, you need to
> specify the same destination for the smtp_tls_policy_maps lookup
> key.
> 
> You can find the updated Postfix source code at the mirrors listed
> at http://www.postfix.org/.
> 
>   Wietse

Just tried to compile 2.9.2 and here is what I get:


Script started on Tue Apr 24 17:36:38 2012
doctor.nl2k.ab.ca//usr/source/postfix-2.9.2$ less configpf
[?1h=make tidy;
make makefiles CCARGS="-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DUSE_TLS -I/usr/include
 -I/usr/contrib/include/ -I/usr/contrib/include/sasl" AUXLIBS="-L/usr/lib/ -ldb-
5.3 -L/usr/contrib/lib -lsasl2 -lssl -lcrypto"

configpf 
(END)[?1l>doctor.nl2k.ab.ca//usr/source/postfix-2.9.2$ make
set -e; for i in src/util src/global src/dns src/tls src/xsasl src/milter 
src/master  src/postfix src/fsstone src/smtpstone  src/sendmail src/error 
src/pickup src/cleanup src/smtpd src/local  src/trivial-rewrite src/qmgr 
src/oqmgr src/smtp src/bounce  src/pipe src/showq src/postalias src/postcat 
src/postconf src/postdrop  src/postkick src/postlock src/postlog src/postmap 
src/postqueue  src/postsuper src/qmqpd src/spawn src/flush src/verify  
src/virtual src/proxymap src/anvil src/scache src/discard src/tlsmgr  
src/postmulti src/postscreen src/dnsblog src/tlsproxy; do  (set -e; echo 
"[$i]"; cd $i; make 'CC=gcc -Wmissing-prototypes -Wformat -DUSE_SASL_AUTH 
-DUSE_CYRUS_SASL -DUSE_TLS -I/usr/include -I/usr/contrib/include/ 
-I/usr/contrib/include/sasl -DHAS_PCRE' update MAKELEVEL=) || exit 1;  done
[src/util]
for i in argv.h attr.h attr_clnt.h auto_clnt.h base64_code.h binhash.h  
chroot_uid.h cidr_match.h clean_env.h connect.h ctable.h dict.h  dict_cdb.h 
dict_cidr.h dict_db.h dict_dbm.h dict_env.h dict_ht.h  dict_ni.h dict_nis.h 
dict_nisplus.h dict_pcre.h dict_regexp.h  dict_sdbm.h dict_static.h dict_tcp.h 
dict_unix.h dir_forest.h  events.h exec_command.h find_inet.h fsspace.h 
fullname.h  get_domainname.h get_hostname.h hex_code.h hex_quote.h host_port.h  
htable.h inet_addr_host.h inet_addr_list.h inet_addr_local.h  inet_proto.h 
iostuff.h line_wrap.h listen.h lstat_as.h mac_expand.h  mac_parse.h make_dirs.h 
mask_addr.h match_list.h msg.h  msg_output.h msg_syslog.h msg_vstream.h mvect.h 
myaddrinfo.h myflock.h  mymalloc.h myrand.h name_code.h name_mask.h netstring.h 
nvtable.h  open_as.h open_lock.h percentm.h posix_signals.h readlline.h ring.h  
safe.h safe_open.h sane_accept.h sane_connect.h sane_fsops.h  sane_socketpair.h 
sane_time.h scan_dir.h set_eugid.h set_ugid.h  sigdelay.h sock_addr.h 
spawn_command.h split_at.h stat_as.h  stringops.h sys_defs.h timed_connect.h 
timed_wait.h trigger.h  username.h valid_hostname.h vbuf.h vbuf_print.h 
vstream.h vstring.h  vstring_vstream.h watchdog.h format_tv.h load_file.h 
killme_after.h  edit_file.h dict_cache.h dict_thash.h ip_match.h nbbio.h 
base32_code.h  dict_fail.h warn_stat.h;  do  cmp -s $i ../../include/$i 
2>/dev/null || cp $i ../../include;  done
cd ../../include; chmod 644 argv.h attr.h attr_clnt.h auto_clnt.h base64_code.h 
binhash.h  chroot_uid.h cidr_match.h clean_env.h connect.h ctable.h dict.h  
dict_cdb.h dict_cidr.h dict_db.h dict_dbm.h dict_env.h dict_ht.h  dict_ni.h 
dict_nis.h dict_nisplus.h dict_pcre.h dict_regexp.h  dict_sdbm.h dict_static.h 
dict_tcp.h dict_unix.h dir_forest.h  events.h exec_command.h find_inet.

Re: OpenSSL 1.0.1 workaround: Postfix 2.9.2, 2.8.10, 2.7.9, and 2.6.15

[The Doctor]

On Tue, Apr 24, 2012 at 08:21:05PM -0400, Wietse Venema wrote:
> The Doctor:
> > gcc -Wmissing-prototypes -Wformat -DUSE_SASL_AUTH -DUSE_CYRUS_SASL 
> > -DUSE_TLS -I/usr/include -I/usr/contrib/include/ 
> > -I/usr/contrib/include/sasl -DHAS_PCRE -g -O -I. -I../../include -DBSDI4 -c 
> > tls_client.c
> 
> Are you really building Postfix on BSD/OS 4.x? I should start
> trimming the list of supported configurations; I have not used
> BSD/OS for more than 10 years.
>

Yes.  2.8.X works nicely same with 2.9.0 and 2.9.1
 
>   Wietse

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Alberta! VOTE!

Re: OpenSSL 1.0.1 workaround: Postfix 2.9.2, 2.8.10, 2.7.9, and 2.6.15

[The Doctor]

On Tue, Apr 24, 2012 at 08:59:53PM -0400, Wietse Venema wrote:
> The Doctor:
> > On Tue, Apr 24, 2012 at 08:21:05PM -0400, Wietse Venema wrote:
> > > The Doctor:
> > > > gcc -Wmissing-prototypes -Wformat -DUSE_SASL_AUTH -DUSE_CYRUS_SASL 
> > > > -DUSE_TLS -I/usr/include -I/usr/contrib/include/ 
> > > > -I/usr/contrib/include/sasl -DHAS_PCRE -g -O -I. -I../../include 
> > > > -DBSDI4 -c tls_client.c
> > > 
> > > Are you really building Postfix on BSD/OS 4.x? I should start
> > > trimming the list of supported configurations; I have not used
> > > BSD/OS for more than 10 years.
> > >
> > 
> > Yes.  2.8.X works nicely same with 2.9.0 and 2.9.1
> 
> If the BSD/OS 4.x compiler dies on #ifdefs in an argument list
> like this:
> 
> SSL_set_options(TLScontext->con,
>((protomask & TLS_PROTOCOL_TLSv1) ? SSL_OP_NO_TLSv1 : 0L)
> #ifdef SSL_OP_NO_TLSv1_1
>  | ((protomask & TLS_PROTOCOL_TLSv1_1) ? SSL_OP_NO_TLSv1_1 : 0L)
> #endif
> #ifdef SSL_OP_NO_TLSv1_2
>  | ((protomask & TLS_PROTOCOL_TLSv1_2) ? SSL_OP_NO_TLSv1_2 : 0L)
> #endif
>  | ((protomask & TLS_PROTOCOL_SSLv3) ? SSL_OP_NO_SSLv3 : 0L)
>| ((protomask & TLS_PROTOCOL_SSLv2) ? SSL_OP_NO_SSLv2 : 0L));
> 
> then I suppose that is the end of support for this platform. I don't
> have the time to set up this build environment and develop a
> workaround for what appears to be a 10-year old compiler bug.
> 
> You can work around this by removing the #ifdef and #endif shown
> above.

That works!

BTW, gcc being used is 3.2.3

> 
>   Wietse

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Alberta! VOTE!

Re: OpenSSL 1.0.1 workaround: Postfix 2.9.2, 2.8.10, 2.7.9, and 2.6.15

[The Doctor]

On Wed, Apr 25, 2012 at 07:18:07AM -0400, Wietse Venema wrote:
> The Doctor:
> > > If the BSD/OS 4.x compiler dies on #ifdefs in an argument list
> > > like this:
> > > 
> > > SSL_set_options(TLScontext->con,
> > >((protomask & TLS_PROTOCOL_TLSv1) ? SSL_OP_NO_TLSv1 : 
> > > 0L)
> > > #ifdef SSL_OP_NO_TLSv1_1
> > >  | ((protomask & TLS_PROTOCOL_TLSv1_1) ? SSL_OP_NO_TLSv1_1 : 
> > > 0L)
> > > #endif
> > > #ifdef SSL_OP_NO_TLSv1_2
> > >  | ((protomask & TLS_PROTOCOL_TLSv1_2) ? SSL_OP_NO_TLSv1_2 : 
> > > 0L)
> > > #endif
> > >  | ((protomask & TLS_PROTOCOL_SSLv3) ? SSL_OP_NO_SSLv3 : 
> > > 0L)
> > >| ((protomask & TLS_PROTOCOL_SSLv2) ? SSL_OP_NO_SSLv2 : 
> > > 0L));
> > > 
> > > then I suppose that is the end of support for this platform. I don't
> > > have the time to set up this build environment and develop a
> > > workaround for what appears to be a 10-year old compiler bug.
> > > 
> > > You can work around this by removing the #ifdef and #endif shown
> > > above.
> > 
> > That works!
> > 
> > BTW, gcc being used is 3.2.3
> 
> I can reproduce this on a Solaris9 test VM. I'll see if I can do a
> reasonable workaround for the 2.10 snapshot so I can test stuff,
> but have no plans to back-port this to the stable release.
> 
>   Wietse

I am willing to test out the 2.10 snapshot when ready.

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Alberta! VOTE!

Virtual Domain except for virus and spam scanning

[The Doctor]

Using the most current version of Amavis and Postfix.'


I would like to know how to exclude a virtual domain say dom.tld ?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  
Quebec le 4 Sept 2012 ne votez pas pour le PQ!

Removing Amavis as a filter

[The Doctor]

All right.

Amavis is beginning to anny me as a plugin:

Big reason many a legit PDF is getting rejected and customers are yelling
loud in stereo!!

What must I do to remove Amavis from the postfix sequence without disrupting
Postfix itself?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  
USA petition to dissolve the Republic and vote to disoolve it in November 2012

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

SSL Certificates

[The Doctor]

I was wondering who is the best CA Cert for Postfix?
-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k Merry Christmas 2012 and Happy New Year 2013

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

TNEF

[The Doctor]

Direct Question:

How can postfix used TNEF without an external agent
such as Amavis or MailSCanner?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k Merry Christmas 2012 and Happy New Year 2013

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Re: {?} Re: TNEF

[The Doctor]

On Mon, Dec 10, 2012 at 02:59:25PM +, Duane Hill wrote:
> On Monday, 10 December, 2012 at 14:49:47 UTC, doc...@doctor.nl2k.ab.ca 
> confabulated:
> 
> > Direct Question:
> 
> > How can postfix used TNEF without an external agent
> > such as Amavis or MailSCanner?
> 
> > -- 
> > Member - Liberal International  This is doc...@nl2k.ab.ca Ici 
> > doc...@nl2k.ab.ca
> > God,Queen and country!Never Satan President Republic!Beware AntiChrist 
> > rising!
> > http://www.fullyfollow.me/rootnl2k Merry Christmas 2012 and Happy New Year 
> > 2013
> 
> 
> Tell the email program to stop sending messages in rich text format.


That would be nice but with the stupidity of M$ clients 
such as Outlook, OE, and Mail, and convincing clients they should uninstall
and never see it again might take a bit of a miracle.

Also converting these things would be better.

Still we need to find a way of just replacing these non-standard
e-mail!


> 
> -- 
> If at first you don't succeed...
> ...so much for skydiving.

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k Merry Christmas 2012 and Happy New Year 2013

NJABL is dead

[The Doctor]

Please stop using NJABL
-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Look at Psalms 14 amnd 53 on Atheism

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Spam milters

[The Doctor]

I want to avoid perl-ware like amavisd and MailScanner

Any recommendations for a milter that would drop high spam?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Look at Psalms 14 amnd 53 on Atheism
I am a New World Order Enemy - I am an enemy of totalitarians and dictators.

mopher and postfix 2.10

[The Doctor]

Just trying out the new mopher 

but I run into


r 19 11:06:12 doctor doctor[31]: postfix/smtpd[16632]: warning: milter 
unix:/var/spool/postfix/mopherd/mopherd.sock: can't read SMFIC_CONNECT reply 
packet header: Operation timed out


Why?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Look at Psalms 14 amnd 53 on Atheism
I am a New World Order Enemy - I am an enemy of totalitarians and dictators.

Spamass-milter and Postfix 2.10

[The Doctor]

Try spamass-milter on Postfix 2.10

Using http://www.malgouyres.fr/linux/spamass-milter_postfix_en.html

and got

Mar 19 11:25:16 doctor spamass-milter[23742]: Could not retrieve sendmail macro 
"i"!.  Please add it to confMILTER_MACROS_ENVFROM for better spamassassin 
results
Mar 19 11:26:09 doctor doctor[31]: postfix/cleanup[24014]: warning: milter 
unix:/var/lib/spamass-milter/socket: can't read SMFIC_BODY reply packet header: 
Operation timed out
Mar 19 11:26:15 doctor doctor[31]: postfix/cleanup[24024]: warning: milter 
unix:/var/lib/spamass-milter/socket: can't read SMFIC_HEADER reply packet 
header: Operation timed out
Mar 19 11:26:35 doctor doctor[31]: postfix/cleanup[24508]: warning: milter 
unix:/var/lib/spamass-milter/socket: can't read SMFIC_BODY reply packet header: 
Operation timed out
Mar 19 11:26:51 doctor doctor[31]: postfix/cleanup[24014]: warning: milter 
unix:/var/lib/spamass-milter/socket: can't read SMFIC_BODYEOB reply packet 
header: Operation timed out
Mar 19 11:27:03 doctor doctor[31]: postfix/cleanup[24024]: warning: milter 
unix:/var/lib/spamass-milter/socket: can't read SMFIC_BODY reply packet header: 
Operation timed out
Mar 19 11:27:10 doctor doctor[31]: postfix/cleanup[24748]: warning: milter 
unix:/var/lib/spamass-milter/socket: can't read SMFIC_HEADER reply packet 
header: Operation timed out
Mar 19 11:27:10 doctor doctor[31]: postfix/cleanup[24752]: warning: milter 
unix:/var/lib/spamass-milter/socket: can't read SMFIC_HEADER reply packet 
header: Operation timed out
Mar 19 11:27:11 doctor doctor[31]: postfix/cleanup[24753]: warning: milter 
unix:/var/lib/spamass-milter/socket: can't read SMFIC_BODYEOB reply packet 
header: Operation timed out
Mar 19 11:27:31 doctor doctor[31]: postfix/cleanup[24508]: warning: milter 
unix:/var/lib/spamass-milter/socket: can't read SMFIC_BODY reply packet header: 
Operation timed out
Mar 19 11:27:34 doctor doctor[31]: postfix/cleanup[24014]: warning: milter 
unix:/var/lib/spamass-milter/socket: can't read SMFIC_BODYEOB reply packet 
header: Operation timed out
Mar 19 11:28:04 doctor doctor[31]: postfix/cleanup[24024]: warning: milter 
unix:/var/lib/spamass-milter/socket: can't read SMFIC_BODYEOB reply packet 
header: Operation timed out
Mar 19 11:28:18 doctor doctor[31]: postfix/cleanup[24752]: warning: milter 
unix:/var/lib/spamass-milter/socket: can't read SMFIC_BODYEOB reply packet 
header: Operation timed out


What is not right?

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Look at Psalms 14 amnd 53 on Atheism
I am a New World Order Enemy - I am an enemy of totalitarians and dictators.

Weird throttling since midnight

[The Doctor]

All right, I have been getting a lot of irregular throttling=20
since Saturday midnight.

Script started on Sat May 25 17:54:34 2013
doctor.nl2k.ab.ca/~$egrep '(warning|error|fatal|panic)' :' /var/log/maillog
May 25 08:05:53 doctor postfix/postscreen[29851]: fatal: set DB cache size 
131072: Invalid argument
May 25 08:05:53 doctor postfix/smtpd[29849]: fatal: set DB cache size 131072: 
Invalid argument
May 25 08:05:54 doctor postfix/cleanup[29850]: fatal: set DB cache size 131072: 
Invalid argument
May 25 08:05:55 doctor postfix/master[1447]: warning: process 
/usr/libexec/postfix/postscreen pid 29851 exit status 1
May 25 08:05:55 doctor postfix/master[1447]: warning: 
/usr/libexec/postfix/postscreen: bad command startup -- throttling
May 25 08:05:55 doctor postfix/master[1447]: warning: process 
/usr/libexec/postfix/smtpd pid 29849 exit status 1
May 25 08:05:55 doctor postfix/master[1447]: warning: 
/usr/libexec/postfix/smtpd: bad command startup -- throttling
May 25 08:05:56 doctor postfix/master[1447]: warning: process 
/usr/libexec/postfix/cleanup pid 29850 exit status 1
May 25 08:05:56 doctor postfix/master[1447]: warning: 
/usr/libexec/postfix/cleanup: bad command startup -- throttling
May 25 08:06:57 doctor postfix/smtpd[29991]: fatal: set DB cache size 131072: 
Invalid argument
May 25 08:06:57 doctor postfix/cleanup[29992]: fatal: set DB cache size 131072: 
Invalid argument
May 25 08:06:57 doctor postfix/postscreen[29993]: fatal: set DB cache size 
131072: Invalid argument
May 25 08:06:59 doctor postfix/master[1447]: warning: process 
/usr/libexec/postfix/cleanup pid 29992 exit status 1
May 25 08:06:59 doctor postfix/master[1447]: warning: 
/usr/libexec/postfix/cleanup: bad command startup -- throttling
May 25 08:06:59 doctor postfix/master[1447]: warning: process 
/usr/libexec/postfix/postscreen pid 29993 exit status 1
May 25 08:06:59 doctor postfix/master[1447]: warning: 
/usr/libexec/postfix/postscreen: bad command startup -- throttling
May 25 08:06:59 doctor postfix/master[1447]: warning: process 
/usr/libexec/postfix/smtpd pid 29991 exit status 1
May 25 08:06:59 doctor postfix/master[1447]: warning: 
/usr/libexec/postfix/smtpd: bad command startup -- throttling
May 25 08:08:01 doctor postfix/postscreen[278]: fatal: set DB cache size 
131072: Invalid argument
May 25 08:08:01 doctor postfix/smtpd[276]: fatal: set DB cache size 131072: 
Invalid argument
May 25 08:08:01 doctor postfix/cleanup[277]: fatal: set DB cache size 131072: 
Invalid argument
May 25 08:08:03 doctor postfix/master[1447]: warning: process 
/usr/libexec/postfix/postscreen pid 278 exit status 1
May 25 08:08:03 doctor postfix/master[1447]: warning: 
/usr/libexec/postfix/postscreen: bad command startup -- throttling
May 25 08:08:03 doctor postfix/master[1447]: warning: process 
/usr/libexec/postfix/smtpd pid 276 exit status 1
May 25 08:08:03 doctor postfix/master[1447]: warning: 
/usr/libexec/postfix/smtpd: bad command startup -- throttling
May 25 08:08:03 doctor postfix/master[1447]: warning: process 
/usr/libexec/postfix/cleanup pid 277 exit status 1
May 25 08:08:03 doctor postfix/master[1447]: warning: 
/usr/libexec/postfix/cleanup: bad command startup -- throttling
May 25 08:09:04 doctor postfix/cleanup[447]: fatal: set DB cache size 131072: 
Invalid argument
May 25 08:09:04 doctor postfix/postscreen[448]: fatal: set DB cache size 
131072: Invalid argument
May 25 08:09:04 doctor postfix/smtpd[446]: fatal: set DB cache size 131072: 
Invalid argument
May 25 08:09:06 doctor postfix/master[1447]: warning: process 
/usr/libexec/postfix/cleanup pid 447 exit status 1
May 25 08:09:06 doctor postfix/master[1447]: warning: 
/usr/libexec/postfix/cleanup: bad command startup -- throttling
May 25 08:09:06 doctor postfix/master[1447]: warning: process 
/usr/libexec/postfix/postscreen pid 448 exit status 1
May 25 08:09:06 doctor postfix/master[1447]: warning: 
/usr/libexec/postfix/postscreen: bad command startup -- throttling
May 25 08:09:06 doctor postfix/master[1447]: warning: process 
/usr/libexec/postfix/smtpd pid 446 exit status 1
May 25 08:09:06 doctor postfix/master[1447]: warning: 
/usr/libexec/postfix/smtpd: bad command startup -- throttling
May 25 08:10:07 doctor postfix/postscreen[697]: fatal: set DB cache size 
131072: Invalid argument
May 25 08:10:07 doctor postfix/cleanup[696]: fatal: set DB cache size 131072: 
Invalid argument
May 25 08:10:08 doctor postfix/smtpd[695]: fatal: set DB cache size 131072: 
Invalid argument
May 25 08:10:09 doctor postfix/master[1447]: warning: process 
/usr/libexec/postfix/postscreen pid 697 exit status 1
May 25 08:10:09 doctor postfix/master[1447]: warning: 
/usr/libexec/postfix/postscreen: bad command startup -- throttling
May 25 08:10:09 doctor postfix/master[1447]: warning: process 
/usr/libexec/postfix/cleanup pid 696 exit status 1
May 25 08:10:09 doctor postfix/master[1447]: warning: 
/usr/libexec/postfix/cleanup: bad command startup -- throttling
May 25 08:10:10 doctor postfix/master[1447]

Re: Weird throttling since midnight

[The Doctor]

On Sun, May 26, 2013 at 08:04:47AM -0400, Wietse Venema wrote:
> The Doctor:
> > All right, I have been getting a lot of irregular throttling
> > since Saturday midnight.
> > 
> > May 25 08:05:53 doctor postfix/postscreen[29851]: fatal: set DB cache size 
> > 131072: Invalid argument
> 
> Has your Berkeley DB library been updated? Perhaps you can revert
> the update.
> 
> Apparently, their set_cachesize() function now returns an error
> when Postfix sets the cache size.
> 
> This code has not changed since Postfix 2.0, more than 10 years ago:
> 
> if ((errno = db->set_cachesize(db, 0, dict_db_cache_size, 0)) != 0)
> msg_fatal("set DB cache size %d: %m", dict_db_cache_size);
> 
> 131072 (128 kbyte) is the Postfix default read buffer size:
> 
> berkeley_db_read_buffer_size = 131072
> 
> There is a similar parameter for writing, used in postmap.


I have not updated the BDB in some time 5.3.25 for over a year.

I suspect this to be the openssl .  

I was using openssl 1.0.2-dev .  Reverting to openssl 1.0.1 branch.

> 
> None of this has changed since Postfix 2.0.
> 
>   Wietse

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Look at Psalms 14 and 53 on Atheism
The false churches will conform themselves to this world's demands, seeing as 
they do not fear and thus do not obey God. - anon

Re: Weird throttling since midnight

[The Doctor]

On Sun, May 26, 2013 at 06:37:17AM -0600, The Doctor wrote:
> On Sun, May 26, 2013 at 08:04:47AM -0400, Wietse Venema wrote:
> > The Doctor:
> > > All right, I have been getting a lot of irregular throttling
> > > since Saturday midnight.
> > > 
> > > May 25 08:05:53 doctor postfix/postscreen[29851]: fatal: set DB cache 
> > > size 131072: Invalid argument
> > 
> > Has your Berkeley DB library been updated? Perhaps you can revert
> > the update.
> > 
> > Apparently, their set_cachesize() function now returns an error
> > when Postfix sets the cache size.
> > 
> > This code has not changed since Postfix 2.0, more than 10 years ago:
> > 
> > if ((errno = db->set_cachesize(db, 0, dict_db_cache_size, 0)) != 0)
> > msg_fatal("set DB cache size %d: %m", dict_db_cache_size);
> > 
> > 131072 (128 kbyte) is the Postfix default read buffer size:
> > 
> > berkeley_db_read_buffer_size = 131072
> > 
> > There is a similar parameter for writing, used in postmap.
> 
> 
> I have not updated the BDB in some time 5.3.25 for over a year.
> 
> I suspect this to be the openssl .  
> 
> I was using openssl 1.0.2-dev .  Reverting to openssl 1.0.1 branch.
> 
> > 
> > None of this has changed since Postfix 2.0.
> > 
> > Wietse


FYI

/*
 * __db_set_cachesize --
 *  Set underlying cache size.
 */
static int
__db_set_cachesize(dbp, cache_gbytes, cache_bytes, ncache)
DB *dbp;
u_int32_t cache_gbytes, cache_bytes;
int ncache;
{
DB_ILLEGAL_IN_ENV(dbp, "DB->set_cachesize");
DB_ILLEGAL_AFTER_OPEN(dbp, "DB->set_cachesize");

return (__memp_set_cachesize(
dbp->dbenv, cache_gbytes, cache_bytes, ncache));
}
 

I am trying to find any more information that might be of help to you.

> 
> -- 
> Member - Liberal InternationalThis is doc...@nl2k.ab.ca Ici 
> doc...@nl2k.ab.ca
> God,Queen and country!Never Satan President Republic!Beware AntiChrist 
> rising! 
> http://www.fullyfollow.me/rootnl2k  Look at Psalms 14 and 53 on Atheism
> The false churches will conform themselves to this world's demands, seeing as 
> they do not fear and thus do not obey God. - anon

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Look at Psalms 14 and 53 on Atheism
The false churches will conform themselves to this world's demands, seeing as 
they do not fear and thus do not obey God. - anon

Re: Weird throttling since midnight

[The Doctor]

On Sun, May 26, 2013 at 06:37:17AM -0600, The Doctor wrote:
> On Sun, May 26, 2013 at 08:04:47AM -0400, Wietse Venema wrote:
> > The Doctor:
> > > All right, I have been getting a lot of irregular throttling
> > > since Saturday midnight.
> > > 
> > > May 25 08:05:53 doctor postfix/postscreen[29851]: fatal: set DB cache 
> > > size 131072: Invalid argument
> > 
> > Has your Berkeley DB library been updated? Perhaps you can revert
> > the update.
> > 
> > Apparently, their set_cachesize() function now returns an error
> > when Postfix sets the cache size.
> > 
> > This code has not changed since Postfix 2.0, more than 10 years ago:
> > 
> > if ((errno = db->set_cachesize(db, 0, dict_db_cache_size, 0)) != 0)
> > msg_fatal("set DB cache size %d: %m", dict_db_cache_size);
> > 
> > 131072 (128 kbyte) is the Postfix default read buffer size:
> > 
> > berkeley_db_read_buffer_size = 131072
> > 
> > There is a similar parameter for writing, used in postmap.
> 
> 
> I have not updated the BDB in some time 5.3.25 for over a year.
> 
> I suspect this to be the openssl .  
> 
> I was using openssl 1.0.2-dev .  Reverting to openssl 1.0.1 branch.

I take it back.

Also the BDB is 5.3.21 which is the latest.

Here are the logs from the latest backfire

postfix start && tail -f /var/log/maillog
postsuper: warning: bogus file name: defer/2/gmon.out
postsuper: warning: bogus file name: defer/gmon.out
postfix/postfix-script: warning: damaged message: corrupt/gmon.out
postfix/postfix-script: starting the Postfix mail system
May 26 07:23:51 doctor doctor[31]: postfix/postsuper[14232]: warning: bogus 
file name: defer/2/gmon.out
May 26 07:23:51 doctor doctor[31]: postfix/postsuper[14232]: warning: bogus 
file name: defer/gmon.out
May 26 07:23:51 doctor postfix/postfix-script[14272]: warning: damaged message: 
corrupt/gmon.out
May 26 07:23:51 doctor postfix/postfix-script[14274]: starting the Postfix mail 
system
May 26 07:23:52 doctor postfix/master[14276]: daemon started -- version 2.10.0, 
configuration /etc/postfix
May 26 07:23:52 doctor postfix/qmgr[14278]: name_mask: ipv4
May 26 07:23:52 doctor postfix/qmgr[14278]: inet_addr_local: configured 363 
IPv4 addresses
May 26 07:23:52 doctor postfix/qmgr[14278]: process generation: 2 (2)
May 26 07:23:52 doctor postfix/qmgr[14278]: running: 
PATH=/bin:/usr/bin:/usr/contrib/bin:/usr/X11R6/bin? (ktrace -p 14278 2>&1 | 
logger -p mail.info) & sleep 5
May 26 07:23:52 doctor postfix/qmgr[14278]: match_string: fast_flush_domains ~? 
debug_peer_list
May 26 07:23:52 doctor postfix/qmgr[14278]: match_string: fast_flush_domains ~? 
fast_flush_domains
May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: start move queue active 
-> incoming
May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: end move queue active 
-> incoming
May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: qmgr_scan_start: start 
incoming queue scan
May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: qmgr_scan_start: start 
deferred queue scan
May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: done incoming queue scan
May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: done deferred queue scan
May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: mail_flow_put: 100 100
May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: 
trigger_server_accept_fifo: trigger arrived
May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: master_notify: status 0
May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: request: 87 (W)
May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: qmgr_scan_start: start 
incoming queue scan
May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: master_notify: status 1
May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: done incoming queue scan
May 26 07:23:52 doctor postfix/cleanup[14280]: name_mask: ipv4
May 26 07:23:52 doctor postfix/cleanup[14280]: inet_addr_local: configured 363 
IPv4 addresses
May 26 07:23:52 doctor postfix/cleanup[14280]: process generation: 3 (3)
May 26 07:23:52 doctor postfix/cleanup[14280]: running: 
PATH=/bin:/usr/bin:/usr/contrib/bin:/usr/X11R6/bin? (ktrace -p 14280 2>&1 | 
logger -p mail.info) & sleep 5
May 26 07:23:52 doctor postfix/cleanup[14280]: Compiled against Berkeley DB: 
5.3.21?
May 26 07:23:52 doctor postfix/cleanup[14280]: Run-time linked against Berkeley 
DB: 5.3.21?
May 26 07:23:52 doctor postfix/cleanup[14280]: fatal: set DB cache size 131072: 
Invalid argument
May 26 07:23:54 doctor postfix/master[14276]: warning: process 
/usr/libexec/postfix/cleanup pid 14280 exit status 1
May 26 07:23:54 doctor postfix/master[14276]: warning: 
/usr/libexec/postfix/cleanup: bad command startup -- throttling
May 26 07:23:55 doctor postfix/postscreen[14352]: inet_addr_local: configured 
363 IPv4 addres

Re: Weird throttling since midnight

[The Doctor]

On Sun, May 26, 2013 at 07:29:03AM -0600, The Doctor wrote:
> On Sun, May 26, 2013 at 06:37:17AM -0600, The Doctor wrote:
> > On Sun, May 26, 2013 at 08:04:47AM -0400, Wietse Venema wrote:
> > > The Doctor:
> > > > All right, I have been getting a lot of irregular throttling
> > > > since Saturday midnight.
> > > > 
> > > > May 25 08:05:53 doctor postfix/postscreen[29851]: fatal: set DB cache 
> > > > size 131072: Invalid argument
> > > 
> > > Has your Berkeley DB library been updated? Perhaps you can revert
> > > the update.
> > > 
> > > Apparently, their set_cachesize() function now returns an error
> > > when Postfix sets the cache size.
> > > 
> > > This code has not changed since Postfix 2.0, more than 10 years ago:
> > > 
> > > if ((errno = db->set_cachesize(db, 0, dict_db_cache_size, 0)) != 0)
> > > msg_fatal("set DB cache size %d: %m", dict_db_cache_size);
> > > 
> > > 131072 (128 kbyte) is the Postfix default read buffer size:
> > > 
> > > berkeley_db_read_buffer_size = 131072
> > > 
> > > There is a similar parameter for writing, used in postmap.
> > 
> > 
> > I have not updated the BDB in some time 5.3.25 for over a year.
> > 
> > I suspect this to be the openssl .  
> > 
> > I was using openssl 1.0.2-dev .  Reverting to openssl 1.0.1 branch.
> 
> I take it back.
> 
> Also the BDB is 5.3.21 which is the latest.
> 
> Here are the logs from the latest backfire
> 
> postfix start && tail -f /var/log/maillog
> postsuper: warning: bogus file name: defer/2/gmon.out
> postsuper: warning: bogus file name: defer/gmon.out
> postfix/postfix-script: warning: damaged message: corrupt/gmon.out
> postfix/postfix-script: starting the Postfix mail system
> May 26 07:23:51 doctor doctor[31]: postfix/postsuper[14232]: warning: bogus 
> file name: defer/2/gmon.out
> May 26 07:23:51 doctor doctor[31]: postfix/postsuper[14232]: warning: bogus 
> file name: defer/gmon.out
> May 26 07:23:51 doctor postfix/postfix-script[14272]: warning: damaged 
> message: corrupt/gmon.out
> May 26 07:23:51 doctor postfix/postfix-script[14274]: starting the Postfix 
> mail system
> May 26 07:23:52 doctor postfix/master[14276]: daemon started -- version 
> 2.10.0, configuration /etc/postfix
> May 26 07:23:52 doctor postfix/qmgr[14278]: name_mask: ipv4
> May 26 07:23:52 doctor postfix/qmgr[14278]: inet_addr_local: configured 363 
> IPv4 addresses
> May 26 07:23:52 doctor postfix/qmgr[14278]: process generation: 2 (2)
> May 26 07:23:52 doctor postfix/qmgr[14278]: running: 
> PATH=/bin:/usr/bin:/usr/contrib/bin:/usr/X11R6/bin? (ktrace -p 14278 2>&1 | 
> logger -p mail.info) & sleep 5
> May 26 07:23:52 doctor postfix/qmgr[14278]: match_string: fast_flush_domains 
> ~? debug_peer_list
> May 26 07:23:52 doctor postfix/qmgr[14278]: match_string: fast_flush_domains 
> ~? fast_flush_domains
> May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: start move queue 
> active -> incoming
> May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: end move queue active 
> -> incoming
> May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: qmgr_scan_start: 
> start incoming queue scan
> May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: qmgr_scan_start: 
> start deferred queue scan
> May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: done incoming queue 
> scan
> May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: done deferred queue 
> scan
> May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: mail_flow_put: 100 100
> May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: 
> trigger_server_accept_fifo: trigger arrived
> May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: master_notify: status > 0
> May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: request: 87 (W)
> May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: qmgr_scan_start: 
> start incoming queue scan
> May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: master_notify: status 
> 1
> May 26 07:23:52 doctor doctor[31]: postfix/qmgr[14278]: done incoming queue 
> scan
> May 26 07:23:52 doctor postfix/cleanup[14280]: name_mask: ipv4
> May 26 07:23:52 doctor postfix/cleanup[14280]: inet_addr_local: configured 
> 363 IPv4 addresses
> May 26 07:23:52 doctor postfix/cleanup[14280]: process generation: 3 (3)
> May 26 07:23:52 doctor postfix/cleanup[14280]: running: 
> PATH=/bin:/usr/bin:/usr/contrib/bin:/usr/X11R6/bin? (ktrace -p 14280 2>&1 | 
> logger -p mail.info) & sleep 5
> May 26 07:23:52 doctor postfix/cleanup[14280]: Compiled ag

Re: Weird throttling since midnight

[The Doctor]

On Sun, May 26, 2013 at 09:51:41AM -0400, Wietse Venema wrote:
> The Doctor:
> > On Sun, May 26, 2013 at 06:37:17AM -0600, The Doctor wrote:
> > > On Sun, May 26, 2013 at 08:04:47AM -0400, Wietse Venema wrote:
> > > > The Doctor:
> > > > > All right, I have been getting a lot of irregular throttling
> > > > > since Saturday midnight.
> > > > > 
> > > > > May 25 08:05:53 doctor postfix/postscreen[29851]: fatal: set DB cache 
> > > > > size 131072: Invalid argument
> > > > 
> > > > Has your Berkeley DB library been updated? Perhaps you can revert
> > > > the update.
> > > > 
> > > > Apparently, their set_cachesize() function now returns an error
> > > > when Postfix sets the cache size.
> > > > 
> > > > This code has not changed since Postfix 2.0, more than 10 years ago:
> > 
> > I take it back.
> > 
> > Also the BDB is 5.3.21 which is the latest.
> > 
> > Here are the logs from the latest backfire
> 
> That is the same Berkeley DB error. You can stop posting these now.
> You may make more progress if you can back out the "improved"
> Berkeley DB library.

Correct about the word "improved".  I might have a 4.7 or 4.8
lying around let me check.

In the mean time

> 
> You may also play with berkeley_db_read_buffer_size.  The Berkeley
> DB documentation promises that they accept buffer sizes of 20kB or
> more, and their default is 256kB. If someone has screwed up Berkeley
> DB, then perhaps it helps to specify berkeley_db_read_buffer_size
> of 262144 (262144 = 256*1024). Hopefully they still accept that.

What tweak is needed in the main.cf to make such a change?

> 
> http://docs.oracle.com/cd/E17076_02/html/api_reference/C/dbset_cachesize.html
> 
>   Wietse

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Look at Psalms 14 and 53 on Atheism
The false churches will conform themselves to this world's demands, seeing as 
they do not fear and thus do not obey God. - anon

Re: Weird throttling since midnight

[The Doctor]

On Sun, May 26, 2013 at 09:58:31AM -0400, Wietse Venema wrote:
> The Doctor:
> > > You may also play with berkeley_db_read_buffer_size.  The Berkeley
> > > DB documentation promises that they accept buffer sizes of 20kB or
> > > more, and their default is 256kB. If someone has screwed up Berkeley
> > > DB, then perhaps it helps to specify berkeley_db_read_buffer_size
> > > of 262144 (262144 = 256*1024). Hopefully they still accept that.
> > 
> > What tweak is needed in the main.cf to make such a change?
> > 
> > > 
> > > http://docs.oracle.com/cd/E17076_02/html/api_reference/C/dbset_cachesize.html
> 
> # postconf berkeley_db_read_buffer_size=262144
> # postfix reload (or start)

Still throttled.

Will try DB 4.7.25 later today
-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Look at Psalms 14 and 53 on Atheism
The false churches will conform themselves to this world's demands, seeing as 
they do not fear and thus do not obey God. - anon

Re: Weird throttling since midnight

[The Doctor]

On Sun, May 26, 2013 at 10:37:26AM -0400, Jerry wrote:
> On Sun, 26 May 2013 07:55:25 -0600
> The Doctor articulated:
> 
> > On Sun, May 26, 2013 at 09:51:41AM -0400, Wietse Venema wrote:
> > > The Doctor:
> > > > On Sun, May 26, 2013 at 06:37:17AM -0600, The Doctor wrote:
> > > > > On Sun, May 26, 2013 at 08:04:47AM -0400, Wietse Venema wrote:
> > > > > > The Doctor:
> > > > > > > All right, I have been getting a lot of irregular throttling
> > > > > > > since Saturday midnight.
> > > > > > > 
> > > > > > > May 25 08:05:53 doctor postfix/postscreen[29851]: fatal:
> > > > > > > set DB cache size 131072: Invalid argument
> > > > > > 
> > > > > > Has your Berkeley DB library been updated? Perhaps you can
> > > > > > revert the update.
> > > > > > 
> > > > > > Apparently, their set_cachesize() function now returns an
> > > > > > error when Postfix sets the cache size.
> > > > > > 
> > > > > > This code has not changed since Postfix 2.0, more than 10
> > > > > > years ago:
> > > > 
> > > > I take it back.
> > > > 
> > > > Also the BDB is 5.3.21 which is the latest.
> 
> I have that version installed on a FreeBSD-8.3 system and it is working
> fine. OpenSSL 1.0.1e is also installed if that makes any difference. It
> is working with Postfix (2.11-20130405). All are from the FreeBSD ports
> tree.
>

Similar here except the OS is BSD/OS 4.3.1
 
> -- 
> Jerry ???
> postfix-u...@seibercom.net
> _
> TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail
> TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html
> 
> 

-- 
Member - Liberal International  This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Look at Psalms 14 and 53 on Atheism
The false churches will conform themselves to this world's demands, seeing as 
they do not fear and thus do not obey God. - anon

Re: bl.spamcop.net false positives

[The Doctor]

On Sun, Jan 31, 2021 at 06:26:06PM -0500, vi...@vheuser.com wrote:
> Something's amiss...
> First time in 10 years I've gotten this:
> 
> "An error occurred while processing your request.
> Reference #30.24721cb8.1612134453.1a374d81"
> 
> from here:?? https://www.spamcop.net/
> 
> Something has changed.
> 
> 
>

Someone forgot to renew their domain.

> 
> 
> 
> 
> 
> 
> On 2021/01/31 11:13 AM, Gerald Galster wrote:
> > Good news, the nameservers have changed again:
> >
> > [gerry@noc ~]$ whois spamcop.net
> > Domain Name: SPAMCOP.NET
> > Registry Domain ID: 3340109_DOMAIN_NET-VRSN
> > Registrar WHOIS Server: whois.enom.com
> > Registrar URL: http://www.enom.com
> > Updated Date: 2021-01-31T16:04:06Z
> > Creation Date: 1999-01-30T05:00:00Z
> > Registry Expiry Date: 2022-01-30T05:00:00Z
> > Registrar: eNom, LLC
> > Registrar IANA ID: 48
> > Registrar Abuse Contact Email:
> > Registrar Abuse Contact Phone:
> > Domain Status: clientTransferProhibited 
> > https://icann.org/epp#clientTransferProhibited
> > Name Server: NS1-109.AKAM.NET
> > Name Server: NS1-11.AKAM.NET
> > Name Server: NS1-73.AKAM.NET
> > Name Server: NS1-90.AKAM.NET
> > Name Server: NS1-93.AKAM.NET
> > Name Server: USE1.AKAM.NET
> >
> > Best regards
> > Gerald
> >
> >
> >> As of now the issue has not been solved, the same ip is returned:
> >>
> >> [gerry@noc ~]$ dig +short @DNS5.NAME-SERVICES.COM spamcop.net
> >> 91.195.240.87
> >
> 

-- 
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b  
Born 29 Jan 1969 Redhill, Surrey, UK 

Re: block all mail from mta's with a FQDN match?

[The Doctor]

On Mon, Mar 28, 2016 at 07:25:43PM -0400, Viktor Dukhovni wrote:
> 
> > On Mar 28, 2016, at 5:53 PM, jaso...@mail-central.com wrote:
> > 
> > How would I match/block access to mail sent from MTAs that have FQDNs that 
> > start with
> > 
> >mta-wk-*
> > 
> > it's not a header, it's not content, it's not an IP ...
> > 
> > but, it's clearly logged in my postfix logs
> > 
> > postfix.log:Mar 24 13:00:42 mail2 postfix/int01/smtpd[20932]: connect 
> > from mta-wk-1.mk1.ratineer.com[82.196.0.148]
> 
> mta-wk-1.mk1.ratineer.com has address 82.196.0.148
> mta-wk-1.mk2.ratineer.com has address 198.199.127.53
> mta-wk-1.mk3.ratineer.com has address 198.211.125.202
> mta-wk-2.mk1.ratineer.com has address 82.196.2.106
> mta-wk-2.mk2.ratineer.com has address 82.196.0.108
> mta-wk-2.mk3.ratineer.com has address 198.211.126.47
> mta-wk-3.mk1.ratineer.com has address 82.196.2.62
> mta-wk-3.mk2.ratineer.com has address 37.139.10.126
> mta-wk-3.mk3.ratineer.com has address 198.211.119.74
> mta-wk-4.mk1.ratineer.com has address 82.196.7.244
> mta-wk-4.mk2.ratineer.com has address 82.196.0.161
> mta-wk-4.mk3.ratineer.com has address 82.196.1.172
> mta-wk-5.mk1.ratineer.com has address 82.196.7.81
> mta-wk-5.mk2.ratineer.com has address 37.139.12.112
> mta-wk-5.mk3.ratineer.com has address 82.196.9.12
> mta-wk-6.mk1.ratineer.com has address 37.139.2.211
> mta-wk-6.mk2.ratineer.com has address 198.211.125.249
> mta-wk-6.mk3.ratineer.com has address 82.196.0.113
> mta-wk-7.mk1.ratineer.com has address 37.139.3.68
> mta-wk-7.mk2.ratineer.com has address 198.211.126.201
> mta-wk-7.mk3.ratineer.com has address 82.196.0.124
> 
> ratineer.com.   600 IN  NS  kilmer-dns2.synapp.io
> 
> main.cf:
> smtpd_client_restrictions =
>   check_ns_access pcre:${config_directory}/ns-access.pcre
> 
> smtpd_restriction_classes = no_mta_wk
> 
> no-mta-wk =
>   reject_unknown_client,
>   check_client_access pcre:${config_directory}/no-mta-wk.pcre
> 
> ns-access.pcre:
> /\.synapp\.io$/   no_mta_wk
> 
> no-mta-wk.pcre:
> /^mta-wk-\d/  REJECT -Your reject message here-
> 
> -- 
>   Viktor.


Then block on the following

82.196.0.0/16

37.139.0.0/16

198.211.0.0/16

198.199.127.0/24

-- 
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Look at Psalms 14 and 53 on Atheism
Manitoba and Saskatchewan! Save your provinces in April! Vote Liberal!!

Re: OpenBSD build: 'dovecot' undeclared

[The Doctor]

On Wed, Aug 24, 2016 at 06:57:43AM -0400, Wietse Venema wrote:
> David Benfell:
> > Sorry, I'm still not getting it. The only thing I could see to do
> > differently was to put the long make makefiles line all on one line without
> > continuations. Thus,
> > 
> > make tidy \
> > && make makefiles CCARGS="-DUSE_TLS -I/usr/local/include/eopenssl
> 
> INSTALL says:
> 
> make makefiles CCARGS=' ... -Dthis=\"that\" ... '
> 
> If you don't see the difference, don't bother installing Postfix.
> 
>   Wietse
> 
> 

Or postfix could compensate for LibreSSL , an Openssl drop in replacement 
for OpenBSD that is standard for OpenBsd, 

or better yet is Postfix openssl 1.1 ready like exim is?


-- 
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Look at Psalms 14 and 53 on Atheism
Time for the USA to hold a referendum on its republic and vote to dissolve!! 

Re: New machine

[The Doctor]

On Tue, Dec 20, 2016 at 07:33:56AM -0700, @lbutlr wrote:
> I???m going to setup a new machine and move all the mail onto it. I???ll go 
> with the latest FreeBSD (11.0-RELEASE currently). I am currently running 
> postfix-current-3.2.20161204.
> 
> My plan is:
> 
> 1) Setup FreeBSD on new hardware
> 2) install all mail related ports (dovecot, openssl, etc)
> 3) install postfix from source
> 4) copy my postfix configuration & mysql databases
> 5) copy other config files for dovecot/etc
> 6) copy all user mail folders to new machine
> 7) stop mail on the old machine when mail is empty
> 8) rsync all user mail folders to new hardware to catch any last mails
> 9) bring up mail on new machine
> 10) fix whatever is not working
> 11) Do 9 & 10 until all seems good
> 
> Does this seem reasonable?
> 
> Since I am taking the server offline, I think I do not need to deal with the 
> spool files?
> 

What about using Postfix from ports?

-- 
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! 
http://www.fullyfollow.me/rootnl2k  Look at Psalms 14 and 53 on Atheism
Merry Christmas 2016 and Happy New Year 2017

Re: Cyrus vs Dovecot for SASL AUTH and IMAP

[The Doctor]

On Wed, Jan 17, 2018 at 06:26:52AM +0100, Patrick Ben Koetter wrote:
> * J Doe :
> > I am looking to use either Cyrus or Dovecot for both SASL authentication and
> > IMAP.  While Postfix 3.1.0 supports both, I was wondering which to prefer if
> > security is my most important deciding factor ?  Does one have a better
> > track record than the other ?
> 
> The Cyrus SASL project has been discontinued. I recommend not to use security
> relevant software that is unmaintained. Use Dovecot as password verification
> service for Postfix.
> 
> p@rick
> 
> -- 
> [*] sys4 AG
>  
> https://sys4.de, +49 (89) 30 90 46 64
> Schlei??heimer Stra??e 26/MG,80333 M??nchen
>  
> Sitz der Gesellschaft: M??nchen, Amtsgericht M??nchen: HRB 199263
> Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
> Aufsichtsratsvorsitzender: Florian Kirstein
>

FYI, Cyru sasl is in rc6 mode for 2.1.27 

-- 
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
https://www.empire.kred/ROOTNK?t=94a1f39b  Look at Psalms 14 and 53 on Atheism
Birthday 29 Jan 1969 BOrn Redhill,Surrey,England , UK!

[m...@openssl.org: Re: [openssl-users] openssl 1.0.2 and TLS 1.3]

[The Doctor]

- Forwarded message from Matt Caswell  -

Date: Tue, 11 Sep 2018 15:01:38 +0100
From: Matt Caswell 
To: openssl-us...@openssl.org
Subject: Re: [openssl-users] openssl 1.0.2 and TLS 1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
Thunderbird/52.9.1



On 11/09/18 14:58, The Doctor wrote:
> On Tue, Sep 11, 2018 at 09:31:23AM +0100, Matt Caswell wrote:
>>
>>
>> On 11/09/18 09:05, Dr. Matthias St. Pierre wrote:
>>>> Von: openssl-users  Im Auftrag von The 
>>>> Doctor
>>>> Gesendet: Dienstag, 11. September 2018 08:49
>>>> An: openssl-us...@openssl.org; openssl-...@openssl.org
>>>> Betreff: [openssl-users] openssl 1.0.2 and TLS 1.3
>>>>
>>>> Will that combination occur?
>>>
>>> Support for TLS 1.3 is a new feature in OpenSSL 1.1.1 which will be 
>>> released today.
>>> OpenSSL 1.0.2 is an LTS release which will only receive security updates 
>>> and no new
>>> features.
>>
>> Strictly speaking 1.0.2 will receive bug fixes and security fixes until
>> the end of this year. From the end of this year until the end of 2019 it
>> will receive security fixes only. In any case it will receive no new
>> features (including TLSv1.3).
>>
>> >From the release of 1.1.1 (today), 1.1.0 will receive security fixes
>> only for one year.
>>
>> Matt
>>
>>
> 
> Got you.
> 
> So Openssh, NTPd, MOd_pagespeed have to adopt OPEnssl 1.1X API
> in order to use TLS 1.3 .

Yes. I would encourage *all* applications still on the 1.0.x API to move
to 1.1.1 asap. By the end of next year there will be no supported
OpenSSL version that has the old API.


Matt

> 
>>
>>>
>>> HTH,
>>> Matthias
>>>
>>> See also
>>> https://wiki.openssl.org/index.php/TLS1.3
>>> https://www.openssl.org/policies/releasestrat.html
>>>
>>>
>>>
>> -- 
>> openssl-users mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
> 
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

- End forwarded message -

Heads up!!

-- 
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
https://www.empire.kred/ROOTNK?t=94a1f39b  Look at Psalms 14 and 53 on Atheism
NB 24 Sept vote Liberal!  Quebec votez contre le PQ et le QS des 1 October 2018!