Re: Network Ideas

2011-01-11 Thread Aaron C. de Bruyn
On 2011-01-11 at 19:46:48 +, Jonathan Tripathy wrote: > I will give authenticated clients direct access to the IMAP and SMTP > ports on my load-balancer (No proxies). I will however only accept > incoming mail from the internet via separate mx server which will > relay mail (after doing spam ch

Re: Network Ideas

2011-01-11 Thread Jeroen Geilman
On 1/11/11 11:33 AM, Jonathan Tripathy wrote: Isn't it generally insecure to give direct access to each repective customer instance from outside directly? Also, how do ISPs deal with this? Each customer doesn't have their own IP... ISPs "deal with this" by allowing their customers to send ma

Re: something like recipient_delimiter?

2011-01-11 Thread Victor Duchovni
On Wed, Jan 12, 2011 at 12:09:40AM +0100, Andy Spiegl wrote: > > More specifically, "u...@example.com" is a defined email address and > > you want to accept all "prefix.u...@example.com" variants for valid > > users and arbitrary prefixes? > > Exactly! > > > You need a "tcp table", or MySQL virt

Re: something like recipient_delimiter?

2011-01-11 Thread Andy Spiegl
> More specifically, "u...@example.com" is a defined email address and > you want to accept all "prefix.u...@example.com" variants for valid > users and arbitrary prefixes? Exactly! > Well, it is not really an "extension", rather a prefix. Oops, you are right of course. > You need a "tcp table",

Re: something like recipient_delimiter?

2011-01-11 Thread Victor Duchovni
On Tue, Jan 11, 2011 at 09:43:36PM +0100, Andy Spiegl wrote: > I'd like to configure postfix to accept recipient addresses like > foo.u...@domain > bar.u...@domain > baz.u...@domain > without defining an alias for each address. More specifically, "u...@example.com" is a defined email address a

Re: Order of policies?

2011-01-11 Thread Mark Alan
On Mon, 10 Jan 2011 23:04:31 +0100, mouss wrote: > Le 10/01/2011 10:33, Mark Alan a écrit : > > Well then, would the following order make sense? > > > > smtpd_recipient_restrictions = sleep 1, > > reject_unlisted_recipient, reject_unauth_pipelining, > > reject_invalid_helo_hostname, reject_non_fq

Re: Success story: smtpd_reject_footer

2011-01-11 Thread lst_hoe02
Zitat von Ralf Hildebrandt : smtpd_reject_footer = Contact postmaster at charite.de for assistance caused a SIGNIFICANT increase in postmaster tickets :| Uh, what *kind* of tickets??? So users do read. Most of the times, but its really hard to follow their wooly thoughts... Regards Andre

Re: MX Priority

2011-01-11 Thread Jerrale G
On 1/11/2011 12:24 AM, Noel Jones wrote: On 1/10/2011 11:13 PM, Ramesh wrote: Hi, I have few queries about changing mail priority level. presently we have taking mail service from mail service provider, we want to bring up our own mail server as primary. mx entries example.com mail is h

Re: Success story: smtpd_reject_footer

2011-01-11 Thread John Adams
Am 11.01.2011 21:50, schrieb Ralf Hildebrandt: * John Adams: drop the technical gibberish and suddenly people understand you :) Hey, I didn't drop that, I just added one line :) Now, if you replace the technical gibberish by something people understand you will get less tickets :) The lin

Re: Success story: smtpd_reject_footer

2011-01-11 Thread Ralf Hildebrandt
* John Adams : > drop the technical gibberish and suddenly people understand you :) Hey, I didn't drop that, I just added one line :) -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Be

Re: Success story: smtpd_reject_footer

2011-01-11 Thread John Adams
Am 11.01.2011 21:46, schrieb Ralf Hildebrandt: smtpd_reject_footer = Contact postmaster at charite.de for assistance caused a SIGNIFICANT increase in postmaster tickets :| So users do read. drop the technical gibberish and suddenly people understand you :)

Success story: smtpd_reject_footer

2011-01-11 Thread Ralf Hildebrandt
smtpd_reject_footer = Contact postmaster at charite.de for assistance caused a SIGNIFICANT increase in postmaster tickets :| So users do read. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-

something like recipient_delimiter?

2011-01-11 Thread Andy Spiegl
Hi, I'd like to configure postfix to accept recipient addresses like foo.u...@domain bar.u...@domain baz.u...@domain without defining an alias for each address. If I understand the manual right the recipient_delimiter variable is not good for this. Can you guys give me a hint on how this can

Re: Network Ideas

2011-01-11 Thread Reindl Harald
Am 11.01.2011 18:05, schrieb Jonathan Tripathy: > But then I will need central storage, which I don't currently have. > Can you please explain how I could achieve this? For VMware-HA, yes this is true But if you do not have a SAN setup for every client a vm makes nothing better, iy you have en

Re: Network Ideas

2011-01-11 Thread Jonathan Tripathy
On 11/01/11 16:55, Reindl Harald wrote: Am 11.01.2011 17:25, schrieb Jonathan Tripathy: So have my entire email system run on 2 boxes alone? Where is the problem? You can run hundrets of mail-domains in ONE virtual machine What if the postfix box were to go down? The you hopefully have 2

Re: Network Ideas

2011-01-11 Thread Jonathan Tripathy
On 11/01/11 16:55, Reindl Harald wrote: Am 11.01.2011 17:25, schrieb Jonathan Tripathy: So have my entire email system run on 2 boxes alone? Where is the problem? You can run hundrets of mail-domains in ONE virtual machine What if the postfix box were to go down? The you hopefully have 2

Re: Network Ideas

2011-01-11 Thread Reindl Harald
Am 11.01.2011 17:25, schrieb Jonathan Tripathy: > So have my entire email system run on 2 boxes alone? Where is the problem? You can run hundrets of mail-domains in ONE virtual machine > What if the postfix box were to go down? The you hopefully have 2 VM-Hosts with HA so it does not matte

Re: Network Ideas

2011-01-11 Thread Randy Ramsdell
Jonathan Tripathy wrote: On 11/01/11 16:34, Aaron C. de Bruyn wrote: On 2011-01-11 at 16:25:38 +, Jonathan Tripathy wrote: So have my entire email system run on 2 boxes alone? What if the postfix box were to go down? What if the Dovecot box were to go down? In my solution, if a box (or VM

Re: Network Ideas

2011-01-11 Thread Jonathan Tripathy
On 11/01/11 16:34, Aaron C. de Bruyn wrote: On 2011-01-11 at 16:25:38 +, Jonathan Tripathy wrote: So have my entire email system run on 2 boxes alone? What if the postfix box were to go down? What if the Dovecot box were to go down? In my solution, if a box (or VM in my case) were to go dow

Re: Network Ideas

2011-01-11 Thread Aaron C. de Bruyn
On 2011-01-11 at 16:25:38 +, Jonathan Tripathy wrote: > So have my entire email system run on 2 boxes alone? What if the > postfix box were to go down? What if the Dovecot box were to go > down? In my solution, if a box (or VM in my case) were to go down, > at least something parts of the syste

Re: Network Ideas

2011-01-11 Thread Jonathan Tripathy
If you really need to spread the load, setup two servers with Postfix and Dovecot. It would significantly reduce the complexity, and eliminate your issues with multiple IPs. It would also reduce the bottleneck with the proxy servers. So have my entire email system run on 2 boxes alone? What i

Re: Network Ideas

2011-01-11 Thread Aaron C. de Bruyn
On 2011-01-11 at 15:55:53 +, Jonathan Tripathy wrote: > I hoping that my above solution will spread the load Define 'spread the load'. You're taking a perfectly good server (or more), chopping it up into many pieces so you can run many instances of Postfix and Dovecot. If you really need to s

Re: Network Ideas

2011-01-11 Thread Jonathan Tripathy
If you secure your daemons properly, it is not insecure to give customers direct access to the server. Even if they don't have direct access to the servers IP, they are still able to talk to the server using inherently insecure protocols like SMTP, IMAP, POP3, etc... If you are running an ISP e

Re: Network Ideas

2011-01-11 Thread John Adams
Am 11.01.2011 14:10, schrieb Jonathan Tripathy: Am 11.01.2011 13:56, schrieb Jonathan Tripathy: Am 11.01.2011 13:47, schrieb Jonathan Tripathy: if you believe you have received this email in error. Am 11.01.2011 13:27, schrieb Jonathan Tripathy: On tir 11 jan 2011 11:52:12 CET, Jonathan Tripat

Re: Network Ideas

2011-01-11 Thread Jonathan Tripathy
Am 11.01.2011 13:56, schrieb Jonathan Tripathy: Am 11.01.2011 13:47, schrieb Jonathan Tripathy: if you believe you have received this email in error. Am 11.01.2011 13:27, schrieb Jonathan Tripathy: On tir 11 jan 2011 11:52:12 CET, Jonathan Tripathy wrote I guess another way to do this would b

Re: Network Ideas

2011-01-11 Thread John Adams
Am 11.01.2011 13:56, schrieb Jonathan Tripathy: Am 11.01.2011 13:47, schrieb Jonathan Tripathy: if you believe you have received this email in error. Am 11.01.2011 13:27, schrieb Jonathan Tripathy: On tir 11 jan 2011 11:52:12 CET, Jonathan Tripathy wrote I guess another way to do this would b

Re: Network Ideas

2011-01-11 Thread Jonathan Tripathy
Am 11.01.2011 13:47, schrieb Jonathan Tripathy: if you believe you have received this email in error. Am 11.01.2011 13:27, schrieb Jonathan Tripathy: On tir 11 jan 2011 11:52:12 CET, Jonathan Tripathy wrote I guess another way to do this would be to have the "front end smtp-out" server do the

Re: Network Ideas

2011-01-11 Thread Jonathan Tripathy
On tir 11 jan 2011 13:27:44 CET, Jonathan Tripathy wrote Other way round, which is a postfix issue :) okay a railrouad have 2 ends ? :) I'm trying to use a single postfix server for many dovecot auth servers multiple auth servers is imho silly, one dont backup that way, if you like to do i

Re: Network Ideas

2011-01-11 Thread John Adams
Am 11.01.2011 13:47, schrieb Jonathan Tripathy: if you believe you have received this email in error. Am 11.01.2011 13:27, schrieb Jonathan Tripathy: On tir 11 jan 2011 11:52:12 CET, Jonathan Tripathy wrote I guess another way to do this would be to have the "front end smtp-out" server do the

Re: Network Ideas

2011-01-11 Thread Benny Pedersen
On tir 11 jan 2011 13:27:44 CET, Jonathan Tripathy wrote Other way round, which is a postfix issue :) okay a railrouad have 2 ends ? :) I'm trying to use a single postfix server for many dovecot auth servers multiple auth servers is imho silly, one dont backup that way, if you like to do

Re: Network Ideas

2011-01-11 Thread Jonathan Tripathy
if you believe you have received this email in error. Am 11.01.2011 13:27, schrieb Jonathan Tripathy: On tir 11 jan 2011 11:52:12 CET, Jonathan Tripathy wrote I guess another way to do this would be to have the "front end smtp-out" server do the sending itself and ask a customer's respective do

Re: Network Ideas

2011-01-11 Thread John Adams
Am 11.01.2011 13:27, schrieb Jonathan Tripathy: On tir 11 jan 2011 11:52:12 CET, Jonathan Tripathy wrote I guess another way to do this would be to have the "front end smtp-out" server do the sending itself and ask a customer's respective dovecot server for authentication. How can I do this whe

Re: Network Ideas

2011-01-11 Thread Jonathan Tripathy
On tir 11 jan 2011 11:52:12 CET, Jonathan Tripathy wrote I guess another way to do this would be to have the "front end smtp-out" server do the sending itself and ask a customer's respective dovecot server for authentication. How can I do this where on a domain-by-domain basis? (i.e. each doma

Re: Network Ideas

2011-01-11 Thread Benny Pedersen
On tir 11 jan 2011 11:52:12 CET, Jonathan Tripathy wrote I guess another way to do this would be to have the "front end smtp-out" server do the sending itself and ask a customer's respective dovecot server for authentication. How can I do this where on a domain-by-domain basis? (i.e. each d

Re: reject entire email if one recipient is invalid

2011-01-11 Thread mouss
Le 11/01/2011 10:48, Y G a écrit : > I like this idea. > > Is this the right implementation? > > Thank you very much > > /etc/postfix/main.cf: > --- > smtpd_recipient_restrictions = > reject_non_fqdn_recipient > reject_non_fqdn_sender > reject_unknown_sender_domain

Re: Network Ideas

2011-01-11 Thread Jonathan Tripathy
Am 11.01.2011 11:30, schrieb Jonathan Tripathy: Am 10.01.2011 23:21, schrieb Jonathan Tripathy: Hi Everyone, Not really an issue directly related to postfix, however I'm sure I can get some goods ideas here. I wish to host managed email servers for some customers. Each customer will have the

Re: Network Ideas

2011-01-11 Thread John Adams
Am 11.01.2011 11:30, schrieb Jonathan Tripathy: Am 10.01.2011 23:21, schrieb Jonathan Tripathy: Hi Everyone, Not really an issue directly related to postfix, however I'm sure I can get some goods ideas here. I wish to host managed email servers for some customers. Each customer will have their

Re: Network Ideas

2011-01-11 Thread Jonathan Tripathy
On 1/10/11 5:21 PM, Jonathan Tripathy wrote: Hi Everyone, Not really an issue directly related to postfix, however I'm sure I can get some goods ideas here. I wish to host managed email servers for some customers. Each customer will have their own email server which will be an all-in-one virtu

Re: Network Ideas

2011-01-11 Thread Jonathan Tripathy
Am 10.01.2011 23:21, schrieb Jonathan Tripathy: Hi Everyone, Not really an issue directly related to postfix, however I'm sure I can get some goods ideas here. I wish to host managed email servers for some customers. Each customer will have their own email server which will be an all-in-one vir

Re: reject entire email if one recipient is invalid

2011-01-11 Thread Y G
I like this idea. Is this the right implementation? Thank you very much /etc/postfix/main.cf: --- smtpd_recipient_restrictions = reject_non_fqdn_recipient reject_non_fqdn_sender reject_unknown_sender_domain permit_mynetworks check_recipient_access hash:/etc

Re: Question about Postfix Installation

2011-01-11 Thread Buzai Andras
On Mon, Jan 10, 2011 at 2:18 PM, Wietse Venema wrote: > Reindl Harald: >> To your querstion about superuser: >> NERVER EVER build sources as superuser necause >> if there are bugs in the build-process you can >> damage you system which is impossible with >> restricted permissions. > > As per the P

Re: Network Ideas

2011-01-11 Thread John Adams
Am 10.01.2011 23:21, schrieb Jonathan Tripathy: Hi Everyone, Not really an issue directly related to postfix, however I'm sure I can get some goods ideas here. I wish to host managed email servers for some customers. Each customer will have their own email server which will be an all-in-one vir