[pfx] Re: postfix mail server qmgr log entry query

On 26.04.23 05:48, Jitendra Chaudhari via Postfix-users wrote: The strange thing that is observed in the log is no-reply=19=tjsb@xxx.co.in The user email id at the email server is tjsb@xxx.co.in so my worry is what is the " no-reply=19=" string getting appended before the user email i

[pfx] Re: postfix mail server qmgr log entry query

& Regards, Jitendra Chaudhari   -Original Message- From: Viktor Dukhovni via Postfix-users Sent: Tuesday, April 25, 2023 12:59 AM To: postfix-users@postfix.org Subject: [pfx] Re: postfix mail server qmgr log entry query On Mon, Apr 24, 2023 at 05:39:01PM +, Jitendra Chaudhari via Postfi

[pfx] Re: postfix mail server qmgr log entry query

On Mon, Apr 24, 2023 at 05:39:01PM +, Jitendra Chaudhari via Postfix-users wrote: > Mail flow is as follows. > > IceWarp (email Server)---> >postfix---> >cisco(ironport email gateway)---> >Internet > > I found some strange messages for

[pfx] postfix mail server qmgr log entry query

Hi group, We have a postfix email server configured as MTA for outbound message Mail flow is as follows. IceWarp (email Server)--->postfix--->cisco(ironport email gateway)--->Internet While going through /var/log/mailog I found some strange messages

[pfx] temporary lookup persistent after query collate error corrupt connection.

When mysql_table lookup is executing nonascii characters and database is in latin1, not only fails query, all sesion/connection is corrupted and produces a lot of "temporary lookup table" errors until sesion is recreated (about 1 minute later). Today some external ip was trying to

Re: relay_domains query

On Mon, Nov 21, 2022 at 02:13:55AM +, Paul Netpresto wrote: > Thanks for clearing that up. See MULTI_INSTANCE_README, if you really need IP-specific Postfix personalities, where message handling varies by input address. -- Viktor.

Re: relay_domains query

Thanks for clearing that up. Regards Paul On 21/11/2022 00:30, Viktor Dukhovni wrote: On Sun, Nov 20, 2022 at 11:11:44PM +, Paul Netpresto wrote: Hi I have a smtp instance declared in my master.cf a.b.c.d:smtp inet  n   -   y   -   40 smtpd     -o myhostname=myhouse     -o relay_

Re: relay_domains query

On Sun, Nov 20, 2022 at 11:11:44PM +, Paul Netpresto wrote: > Hi > > I have a smtp instance declared in my master.cf > > a.b.c.d:smtp inet  n   -   y   -   40 smtpd >     -o myhostname=myhouse >     -o relay_recipient_maps=mysql:/etc/user1/samtest/recipients.cf >     -o default_destina

relay_domains query

/recipients.cf IN main.cf  I have  relay_domains= This as above does not work. I have to move the relay_domains directive to main.cf the query for relay_recipient_maps can be seen in mysql logs but not the query for relay_domains. Until it's moved to main.cf when it is logged by mysql. What s

Re: Header_checks inconsistent with postmap query

On Thu, Feb 10, 2022 at 10:27:32PM +, Eric Wilkison wrote: > header_checks: > /^X-Forefront-Antispam-Report:.*SFV:(SPM|SKS|SKB).*to=<.*@ms2019.mobility-lab.com>/ > WARN  It's working You're expecting recipient information to be present in the header text. > Feb 10 15:48:21 relay1 postfix/cl

Header_checks inconsistent with postmap query

IP:144.188.130.206;CTRY:US;LANG:en;SCL:7;SRV:;IPV:NLI;SFV:SPM;H:relay2.mobility-lab.com;PTR:lab-144-188-130-206.reverse.mobility-lab.com;CAT:HSPM;SFS:(13230001)(218001); from mail-mw2nam12lp2049.outbound.protection.outlook.com[104.47.66.49]; from= to= proto=ESMTP helo= With this config in place wh

Re: STARTTLS Exchange Header and expected behaviour query

Indeed. So it would seem I have been lost in the dark. Thanks for sharing that reference, makes sense now. Purely a sending mta configuration issue, nothing more complex than that. -Andrew On 7/10/2021, at 19:04, Viktor Dukhovni wrote: > > On Thu, Oct 07, 2021 at 06:50:22PM +1300, AndrewHard

Re: STARTTLS Exchange Header and expected behaviour query

On Thu, Oct 07, 2021 at 06:50:22PM +1300, AndrewHardy wrote: > Looks like as long as STARTTLS is present in the server response then > it doesn’t matter if it’s a hyphen or space and the s_client.c library > suggests it just looks for that keyword so that confirms it. Helps to > tell it to encrypt

Re: STARTTLS Exchange Header and expected behaviour query

Viktor, you are an absolute legend. Couldn’t see the woods through the trees. Looks like as long as STARTTLS is present in the server response then it doesn’t matter if it’s a hyphen or space and the s_client.c library suggests it just looks for that keyword so that confirms it. Helps to tell i

Re: STARTTLS Exchange Header and expected behaviour query

On Thu, Oct 07, 2021 at 06:01:45PM +1300, Andrew Hardy wrote: > The core of my issue is that the sending MTA receives the 250 STARTTLS > from the receiving MTA but never replies with STARTTLS. The sending > MTA has smtpd_tls_security_level = may defined. There's you problem "smtpd_tls_security_le

STARTTLS Exchange Header and expected behaviour query

Hi All, I’m hoping someone on this mailing list could help me with understand a particular behaviour I’m seeing with an upstream mail service and hoping someone has some more in-depth knowledge than me who can look at the below scenario and advise what the expected behaviour should look like

Re: MYSQL_TABLE query %s lookup

> On 12 Jul 2021, at 1:23 pm, post...@ptld.com wrote: > > The manual says: > "It is best not to use SQL to store the domains eligible for SQL lookups." That would rather defeat the goal of avoiding SQL lookups for unsupported domains. The list of values in: domain = ... should avoid us

Re: MYSQL_TABLE query %s lookup

If you add: # Replace example.com with one or more appropriate domains: domain = example.com to the table definition, all the lookup keys will be user@domain, with no bare domain or parent domain keys. The manual says: "It is best not to use SQL to store the domains eligible

Re: MYSQL_TABLE query %s lookup

> On 12 Jul 2021, at 12:43 pm, post...@ptld.com wrote: > > When postfix looks up an address it repeats the query for each section of an > address. > >%s = u...@example.com >%s = example.com >%s = com > > Is there a way on a single check_recipient_

MYSQL_TABLE query %s lookup

When postfix looks up an address it repeats the query for each section of an address. %s = u...@example.com %s = example.com %s = com Is there a way on a single check_recipient_access to tell postfix to only check the full address, only do the query once? %s = u

Re: Additional filter for special_result_attribute query

On 2020-08-19 18:00, Viktor Dukhovni wrote: On Wed, Aug 19, 2020 at 01:16:25PM +0300, Sergey Urushkin wrote: So, this would be great if we had a way to specify additional filter for special_result_attribute query. Something like this in our case: special_query_filter=(!(useraccountcontrol

Re: Additional filter for special_result_attribute query

On Wed, Aug 19, 2020 at 01:16:25PM +0300, Sergey Urushkin wrote: > So, this would be great if we had a way to specify additional filter for > special_result_attribute query. Something like this in our case: > > special_query_filter=(!(useraccountcontrol:1.2.840.113556.1.4.803:=2))

Additional filter for special_result_attribute query

We are using Postfix+ActiveDirectory and group aliases: query_filter = (&(mail=%s)(objectClass=group)) result_attribute = mail leaf_result_attribute = mail special_result_attribute = member And the problem is that special sub query does return disabled users (useraccountcon

Re: dnsblog_query: lookup error for DNS query x.x.x.x.zen.spamhaus.org: Host or domain name not found.

27.0.0.1 1.0.0.127.zen.spamhaus.org +short > ; <<>> DiG 9.14.8 <<>> @127.0.0.1 1.0.0.127.zen.spamhaus.org +short > ; (1 server found) > ;; global options: +cmd > ;; connection timed out; no servers could be reached > > dig @127.0.0.1 denic.de +short a > 81.9

Re: dnsblog_query: lookup error for DNS query x.x.x.x.zen.spamhaus.org: Host or domain name not found.

md ;; connection timed out; no servers could be reached dig @127.0.0.1 denic.de +short a 81.91.170.12 A dig to query other domains for whatever records does work, so i guess it's not a firewall issue. Beside this i tried disabling my firewall for a moment of second to doublecheck if my fire

Re: dnsblog_query: lookup error for DNS query x.x.x.x.zen.spamhaus.org: Host or domain name not found.

Alexander Meinhardt: > Hey folks, > > for inexplicable reasons i don't get any results from zen.spamhaus.org > anymore: > > Apr 08 16:20:29 [postfix/dnsblog] warning: dnsblog_query: lookup error > for DNS query x.x.x.x.zen.spamhaus.org: Host or domain name not found

Re: dnsblog_query: lookup error for DNS query x.x.x.x.zen.spamhaus.org: Host or domain name not found.

On Fri, 8 May 2020 at 16:09, Alexander Meinhardt wrote: > for inexplicable reasons i don't get any results from zen.spamhaus.org > anymore: > > Apr 08 16:20:29 [postfix/dnsblog] warning: dnsblog_query: lookup error > for DNS query x.x.x.x.zen.spamhaus.org: Host or domain na

dnsblog_query: lookup error for DNS query x.x.x.x.zen.spamhaus.org: Host or domain name not found.

Hey folks, for inexplicable reasons i don't get any results from zen.spamhaus.org anymore: Apr 08 16:20:29 [postfix/dnsblog] warning: dnsblog_query: lookup error for DNS query x.x.x.x.zen.spamhaus.org: Host or domain name not found. Name service error for name=x.x.x.x.zen.spamhaus.org t

Re: Query

On 15/02/20 5:02 am, Curtis Maurand wrote: I am trying to figure out how to get this working. I run Mailman through Postfix. The Mailman aliases are in alias_maps. I find that when I set up a transport map in Postfix to have Postfix forward the emails through another email gateway, the aliases

Re: Query

On 2020-02-14 10:42, Peter Fraser wrote: > Hi All > > I am trying to figure out how to get this working. I run Mailman through > Postfix. The Mailman aliases are in alias_maps. I find that when I set > up a transport map in Postfix to have Postfix forward the emails through > another email gateway

Re: Query

you could set up the mail aliases in transport maps to pass them to mailman Sent from my iPhone > On Feb 14, 2020, at 10:43 AM, Peter Fraser wrote: > >  > Hi All > I am trying to figure out how to get this working. I run Mailman through > Postfix. The Mailman aliases are in alias_maps. I find

Query

Hi AllI am trying to figure out how to get this working. I run Mailman through Postfix. The Mailman aliases are in alias_maps. I find that when I set up a transport map in Postfix to have Postfix forward the emails through another email gateway, the aliases in alias_maps are bypassed so mailman wil

Re: Regexp Postfix query doesn't stop at the first matching rule

atory /requirement. I think it will be easier than to put a cart before the horse in my attempts to use procmail before header_checks. Thanks again. Den -Original Message- From: Viktor Dukhovni To: postfix-users@postfix.org Sent: Mon, 10 Jun 2019 21:34 Subject: Re: Regexp Postfix

Re: Regexp Postfix query doesn't stop at the first matching rule

On Mon, Jun 10, 2019 at 03:51:17AM -0700, Den1 wrote: > Just one teeny tiny comment. Header_checks will trigger before procmail, > sieve and so on therefore I am pretty much out of luck. Empty subject fields > will be rejected before either procmail or sieve inserts / replaces the > subject field

Re: Regexp Postfix query doesn't stop at the first matching rule

Just one teeny tiny comment. Header_checks will trigger before procmail, sieve and so on therefore I am pretty much out of luck. Empty subject fields will be rejected before either procmail or sieve inserts / replaces the subject field (header) in question. Are there any ways to run procmail before

Re: Regexp Postfix query doesn't stop at the first matching rule

Noel Jones-2 wrote > On 6/8/2019 10:11 AM, Den1 wrote: >> Hello, >> >> I would be really thankful if someone could clarify it, please. It says >> the >> following, "Postfix works as documented in regexp_table(5) and >> pcre_table(5), i.e. each que

Re: Regexp Postfix query doesn't stop at the first matching rule

Viktor Dukhovni wrote >> On Jun 9, 2019, at 12:42 AM, Webmaster < > webmaster@.klaipedaville > > wrote: >> > The answer is simple. Postfix header checks DO NOT support any sort > of multi-header conditionals or logic that depends on the order in > which headers are checked against the rules. E

Re: Regexp Postfix query doesn't stop at the first matching rule

always the same recipient > all the time. Now according to your explanation could you advise me please, > how do I set it to check the subject field first and to stop the query right > there without letting it go through any further rules? Thanks. The answer is simple. Postfix head

Re: Regexp Postfix query doesn't stop at the first matching rule

d you advise me please, how do I set it to check the subject field first and to stop the query right there without letting it go through any further rules? Thanks. P. S. Changing the rules order in header checks didn't help. The first header in gmail.com that I have a rule set for

Re: Regexp Postfix query doesn't stop at the first matching rule

On 6/8/2019 10:11 AM, Den1 wrote: Hello, I would be really thankful if someone could clarify it, please. It says the following, "Postfix works as documented in regexp_table(5) and pcre_table(5), i.e. each query stops at the first matching rule. Now the following two rules are in con

Re: Regexp Postfix query doesn't stop at the first matching rule

applied, not skipped. Now these two rules work fine if they go one by > one, but they do not work if they go together in combination (tested). > I am lost.. > > It looks like REJECT triggers this query match and stops there > accordingly. However, REPLACE doesn't trigger the q

Re: Regexp Postfix query doesn't stop at the first matching rule

rules work fine if they go one by one, but they do not work if they go together in combination (tested). I am lost.. It looks like REJECT triggers this query match and stops there accordingly. However, REPLACE doesn't trigger the query match and the search goes on until it "meets"

Re: Regexp Postfix query doesn't stop at the first matching rule

/^Subject:\s*$/  REJECT Empty subjects fields are rejected. > /^From:\s*assistant\@gmail\.com$/ REPLACE Subject: New Report. >   > Does it perhaps mean that each email' to, from, subject, and body > fields are treated as just one single rule, and the query is stopped > wh

Re: Regexp Postfix query doesn't stop at the first matching rule

rejected. /^From:\s*assistant\@gmail\.com$/ REPLACE Subject: New Report. Does it perhaps mean that each email' to, from, subject, and body fields are treated as just one single rule, and the query is stopped whenever all of these 4 per 1 message are matched? Any more pointers, p

Re: Regexp Postfix query doesn't stop at the first matching rule

Den1: > Hello, > > I would be really thankful if someone could clarify it, please. It says the > following, "Postfix works as documented in regexp_table(5) and > pcre_table(5), i.e. each query stops at the first matching rule. Now the > following two rules are in c

Regexp Postfix query doesn't stop at the first matching rule

Hello, I would be really thankful if someone could clarify it, please. It says the following, "Postfix works as documented in regexp_table(5) and pcre_table(5), i.e. each query stops at the first matching rule. Now the following two rules are in conflict: /^From:\s*assistant\@gmail

Re: reject_unknown_reverse_client_hostname query

Viktor Dukhovni: > On Sun, Mar 24, 2019 at 09:00:24PM +, Nick Howitt wrote: > > [ Please avoid pasting "non-breaking space" characters into > your email. It is tedious to have to convert these to ASCII. ] > > > The header is below (x headers and DKIM removed): > > > > Return-Path: >

Re: reject_unknown_reverse_client_hostname query

ve I misunderstood? It may not now, but it did then. > [root@server ~]# dig -x 220.191.208.116 @8.8.8.8 > > ; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> -x 220.191.208.116 @8.8.8.8 > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- o

Re: reject_unknown_reverse_client_hostname query

uTTy or Notepad++ causing an issue? As far as I can see 220.191.208.116 has no PTR so should fall under your case 1? Or have I misunderstood? [root@server ~]# dig -x 220.191.208.116 @8.8.8.8 ; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> -x 220.191.208.116 @8.8.8.8 ;; g

Re: reject_unknown_reverse_client_hostname query

On Sun, Mar 24, 2019 at 09:00:24PM +, Nick Howitt wrote: [ Please avoid pasting "non-breaking space" characters into your email. It is tedious to have to convert these to ASCII. ] > The header is below (x headers and DKIM removed): > > Return-Path: > Received: from hz.cn (unknow

Re: reject_unknown_reverse_client_hostname query

On 24/03/2019 21:53, Wietse Venema wrote: Nick Howitt: I have the follosing restrictions in main.cf: smtpd_client_restrictions = permit_mynetworks, reject_unknown_reverse_client_hostname What is the output from "postconf mynetworks"? If the client matches that, then "permit_mynet

Re: reject_unknown_reverse_client_hostname query

Nick Howitt: > I have the follosing restrictions in main.cf: > > smtpd_client_restrictions = permit_mynetworks, > reject_unknown_reverse_client_hostname What is the output from "postconf mynetworks"? If the client matches that, then "permit_mynetworks" will override reject_unknown_revers

reject_unknown_reverse_client_hostname query

I have the follosing restrictions in main.cf: smtpd_client_restrictions = permit_mynetworks, reject_unknown_reverse_client_hostname smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipie

Re: Query about restriction scenario in RESTRICTION_CLASS_README

On Thu, Jan 17, 2019 at 11:22:46AM -0500, Bill Cole wrote: You truly need to ask whoever runs that other server to explain why they believe your server is misconfigured if you want a definitive answer. On 18.01.19 07:06, Mayuresh wrote: This is certainly strangest of the mailing lists I ever p

Re: Query about restriction scenario in RESTRICTION_CLASS_README

On Thu, Jan 17, 2019 at 11:22:46AM -0500, Bill Cole wrote: > You truly need to ask whoever runs that other server to explain why they > believe your server is misconfigured if you want a definitive answer. This is certainly strangest of the mailing lists I ever participated in. I am certainly sign

Re: Query about restriction scenario in RESTRICTION_CLASS_README

On 17 Jan 2019, at 11:03, Mayuresh wrote: On Thu, Jan 17, 2019 at 10:47:18AM -0500, Wietse Venema wrote: The default code of 5.7.1 is the one I want as well. Log and the bounced mail to gmail confirms that was the one that was used. But an additional remark gmail makes is "the remote server i

Re: Query about restriction scenario in RESTRICTION_CLASS_README

On Thu, Jan 17, 2019 at 10:47:18AM -0500, Wietse Venema wrote: > > The default code of 5.7.1 is the one I want as well. Log and the bounced > > mail to gmail confirms that was the one that was used. > > > > But an additional remark gmail makes is "the remote server is > > misconfigured". > > > >

Re: Query about restriction scenario in RESTRICTION_CLASS_README

Mayuresh: > On Thu, Jan 17, 2019 at 07:25:42AM -0500, Wietse Venema wrote: > > reject, with error code: > > http://www.postfix.org/access.5.html (section: REJECT ACTIONS) > > > > The default code of 5.7.1 is the one I want as well. Log and the bounced > mail to gmail confirms that was the one

Re: Query about restriction scenario in RESTRICTION_CLASS_README

On Thu, Jan 17, 2019 at 07:25:42AM -0500, Wietse Venema wrote: > reject, with error code: > http://www.postfix.org/access.5.html (section: REJECT ACTIONS) > The default code of 5.7.1 is the one I want as well. Log and the bounced mail to gmail confirms that was the one that was used. But an

Re: Query about restriction scenario in RESTRICTION_CLASS_README

Mayuresh: > On Wed, Jan 16, 2019 at 07:14:37AM -0500, Wietse Venema wrote: > > insiders_only = check_sender_access hash:/etc/postfix/insiders, > > reject > > On above line if I replace reject with reject_unauth_destination it > becomes permissive rather than rejecting. > > What is the ex

Re: Query about restriction scenario in RESTRICTION_CLASS_README

On Wed, Jan 16, 2019 at 07:14:37AM -0500, Wietse Venema wrote: > insiders_only = check_sender_access hash:/etc/postfix/insiders, reject On above line if I replace reject with reject_unauth_destination it becomes permissive rather than rejecting. What is the exact difference between reject

Re: Query about restriction scenario in RESTRICTION_CLASS_README

On Wed, Jan 16, 2019 at 07:14:37AM -0500, Wietse Venema wrote: > All I suggested was to split smtpd_recipient_restrictions > and use smtpd_relay_restrictions for the spam blocks. > > That was, TO SPLIT smtpd_recipient_restrictions, NOT TO REMOVE > the hash maps. Ok, thanks. Mayuresh

Re: Query about restriction scenario in RESTRICTION_CLASS_README

Mayuresh: > Sure. Basically I see only one hash in your snippet - that of the > protected destinations. I did not notice a hash of senders allowed to send > to the protected destinations. Am I missing something? Original example: /etc/postfix/main.cf: smtpd_recipient_restrictions =

Re: Query about restriction scenario in RESTRICTION_CLASS_README

On Tue, Jan 15, 2019 at 08:58:57PM -0500, Wietse Venema wrote: > Mayuresh: > > On Tue, Jan 15, 2019 at 01:31:44PM -0500, Wietse Venema wrote: > > > This example can be simplified by using smtpd_relay_restrictions > > > (Posfix 2.10 and later). > > > > > > smtpd_relay_restrictions = > > > pe

Re: Query about restriction scenario in RESTRICTION_CLASS_README

Mayuresh: > On Tue, Jan 15, 2019 at 01:31:44PM -0500, Wietse Venema wrote: > > This example can be simplified by using smtpd_relay_restrictions > > (Posfix 2.10 and later). > > > > smtpd_relay_restrictions = > > permit_mynetworks > > permit_sasl_authenticated > > reject_unauth_des

Re: Query about restriction scenario in RESTRICTION_CLASS_README

On Tue, Jan 15, 2019 at 01:31:44PM -0500, Wietse Venema wrote: > This example can be simplified by using smtpd_relay_restrictions > (Posfix 2.10 and later). > > smtpd_relay_restrictions = > permit_mynetworks > permit_sasl_authenticated > reject_unauth_destination > ...

Re: Query about restriction scenario in RESTRICTION_CLASS_README

Mayuresh: > I am using postfix 3.1.4 on NetBSD 8. > > I am trying the idea of setting up a mailing list for a fairly static > group of size not exceeding around 300, with postfix. I am doing this on a > VPS server and want a solution that is conservative on resource footprint, > hence considering

Query about restriction scenario in RESTRICTION_CLASS_README

I am using postfix 3.1.4 on NetBSD 8. I am trying the idea of setting up a mailing list for a fairly static group of size not exceeding around 300, with postfix. I am doing this on a VPS server and want a solution that is conservative on resource footprint, hence considering doing it with MTA itse

Re: about mysql query and input keys

virtual domains (domain table) can be configured to > > send or receive from the internet or from/to allowed external domains. > > Therefore the domain_external_domain_association table. > > So i can ask something like, for the virtual domain X, is there any > > association to exter

Re: about mysql query and input keys

he virtual domain X, is there any > association to external_domain entries. > > query= SELECT [OK OR REJECT GOES > HERE] FROM domain_external_domain_association  AS deda > JOIN domain as d ON deda.domain_id = d.id <http://d.id> > JOIN external_domain as ed ON deda.external_domai

Re: about mysql query and input keys

(domain table) can be configured to send or receive from the internet or from/to allowed external domains. Therefore the domain_external_domain_association table. So i can ask something like, for the virtual domain X, is there any association to external_domain entries. query= SELECT [OK OR REJECT

Re: about mysql query and input keys

ess where i need to check if the sender > domain (external domain) is in this "domain_external_domain_association" > when the recipient domain is X (my virtual domain) > > So the query looks like this: > > query= SELECT [OK OR REJECT GOES HERE] FROM  > domain_external_

about mysql query and input keys

ion" when the recipient domain is X (my virtual domain) So the query looks like this: query= SELECT <http://postadmin.lab.mmely.de/phpmyadmin/url.php?url=https://dev.mysql.com/doc/refman/5.5/en/select.html> [OK OR REJECT GOES HERE] FROM domain_external_domain_association AS deda

Re: ldap query and custom error response - broken

Wietse Venema: > l carr: > > I have postfix configured to deliver emails based on custom LDAP > > queries. One of these queries issues a custom error response. > ... > > The LDAP queries are defined using virtual_alias_maps. > > There is no 'custom error response' for virtual_alias_maps lookups. >

Re: ldap query and custom error response - broken

l carr: > I have postfix configured to deliver emails based on custom LDAP > queries. One of these queries issues a custom error response. ... > The LDAP queries are defined using virtual_alias_maps. There is no 'custom error response' for virtual_alias_maps lookups. Where did you get that idea fr

Re: ldap query and custom error response (misconfigured)

tore for an access(5) table: http://www.postfix.org/access.5.html http://www.postfix.org/SMTPD_ACCESS_README.html > However, if an email is received from an upstream server and the > initial query leads to another LDAP query and then the custom error > response, instead of

ldap query and custom error response - broken

. eg server-a > postfix > ldap lookup > custom error response returned However, if an email is received from an upstream server and the initial query leads to another LDAP query and then the custom error response, instead of returning the custom error response, the postfix server t

Re: Send Alternate Error Response based on LDAP Query Results

Thank you very much, Viktor. That pointed me in the right direction and while I still have more testing to do, I now have the system returning the desired error message based on the LDAP query results. =lisa c From: owner-postfix-us...@postfix.org on behalf

Re: Send Alternate Error Response based on LDAP Query Results

> On Mar 21, 2017, at 11:59 AM, pandorasbox55 wrote: > > Hi - > > I am trying to find out if there is a way to send alternate error responses > based on the results of an LDAP query. > > For example, the current LDAP query checks to see if an account is active >

Send Alternate Error Response based on LDAP Query Results

Hi - I am trying to find out if there is a way to send alternate error responses based on the results of an LDAP query. For example, the current LDAP query checks to see if an account is active and has the necessary email attributes and routes email accordingly. If an account does not meet the

Re: Authentication query

It could be possible, but I'd be scared of breaking ClearOS's integration. I would do better to update to ClearOS 7.x which uses a version of 2.10 and/or remove the use of SMTPS which is no longer required by my ISP. But thanks for the idea anyway. Nick On 1

Re: Authentication query

> On 16 Jan 2016, at 16:47, Nick Howitt wrote: > > Only since 2.10 or 2.11. It was added because of a discussion with me on > these lists. My distro (RHEL6 related) is stuck on 2.6.6. At some point, when > it is more stable I'll update to my distro's RHEL7 derivative. I can't help > the ISP

Re: Authentication query

On 16/01/2016 16:39, Benny Pedersen wrote: Nick Howitt skrev den 2016-01-16 17:03:  Because I have a dynamic (quasi-static) IP so I relay via my ISP who insisted on SMTPS. SMTPS has only been introduced i

Re: Authentication query

Nick Howitt skrev den 2016-01-16 17:03: Because I have a dynamic (quasi-static) IP so I relay via my ISP who insisted on SMTPS. SMTPS has only been introduced into postfix recently and is not available for my distro. Having said that I may remove stunnel/SMTPS as the ISP backed down and now all

Re: Authentication query

Nick Howitt: >

Re: Authentication query

On 16/01/2016 15:24, Wietse Venema wrote: Nick Howitt: Is it possibly to stop anyone outside my LAN who tries to authenticate on port 25? For example: Remove 'smtpd_sasl_auth_enable = yes' from main.cf. Will do.

Re: Authentication query

On 16/01/2016 15:15, Benny Pedersen wrote: Nick Howitt skrev den 2016-01-16 15:48: reject_rhsbl_sender, dsn.rfc-ignorant.org rfc domain is gone to dev/null see rfc

Re: Authentication query

Nick Howitt: > Is it possibly to stop anyone outside my LAN who tries to authenticate > on port 25? For example: Remove 'smtpd_sasl_auth_enable = yes' from main.cf. Add '-o smtpd_sasl_auth_enable=yes' to the submission service in master.cf. Wietse

Re: Authentication query

Nick Howitt skrev den 2016-01-16 15:48: reject_rhsbl_sender, dsn.rfc-ignorant.org rfc domain is gone to dev/null see rfc-ignorant.de I send mail to the outside world using smtps via stunnel. why complicate things ? Is it possibly to stop anyone outside my LAN who tries to authenticate o

Authentication query

Hi, I'm afraid I struggle a bit with understanding all the various restrictions with their meaning and where they are applied to so can I please have some help? Last night I noticed one IP address repeatedly trying to authenticate on port 25, trying different user names until he finally went

Re: About table search order: not to query 'user+extens...@domain.ltd'

On Thu, Mar 12, 2015 at 12:10 AM, Viktor Dukhovni wrote: >> In this case, SQL is flexible. but any solution for LDAP table? we cannot do >> this in ldap query filter. > > No. OK, thanks. BTW, any plan to support this (ignore '+extension' in table lookup)?

Re: About table search order: not to query 'user+extens...@domain.ltd'

> > by interpolating the lookup key into the query via '%u@%d' instead > > of '%s'. That will filter out keys with no @domain part. > > Thanks Victor. :) > > I'm afraid that '%u' doesn't work, it still has '+extension' i

Re: About table search order: not to query 'user+extens...@domain.ltd'

On Wed, Mar 11, 2015 at 11:32:43PM +0800, Zhang Huangbin wrote: > Dear all, > > According to Postfix document, virtual(8), 'user+extens...@domain.ltd' > is looked up first, then 'u...@domain.ltd'. Is it possible to > skip/ignore the address extension and just

Re: About table search order: not to query 'user+extens...@domain.ltd'

On Thu, Mar 12, 2015 at 12:07:49AM +0800, Zhang Huangbin wrote: > > An SQL server may well optimize that query away when the key contains > > a "+" and not do any disk I/O. > > In this case, SQL is flexible. but any solution for LDAP table? we cannot do >

Re: About table search order: not to query 'user+extens...@domain.ltd'

27;%u@%d' > AND key NOT LIKE '%%+%%' > > An SQL server may well optimize that query away when the key contains > a "+" and not do any disk I/O. In this case, SQL is flexible. but any solution for LDAP table? we cannot do this in ldap query filter. Again, thanks for your help. :)

Re: About table search order: not to query 'user+extens...@domain.ltd'

On Wed, Mar 11, 2015 at 11:46 PM, Viktor Dukhovni wrote: > > Not at present. You can only suppress lookups for bare keys which > can happen when the domain is $myorigin or matches $mydestination > by interpolating the lookup key into the query via '%u@%d' instead > of &#

About table search order: not to query 'user+extens...@domain.ltd'

Dear all, According to Postfix document, virtual(8), 'user+extens...@domain.ltd' is looked up first, then 'u...@domain.ltd'. Is it possible to skip/ignore the address extension and just query 'u...@domain.ltd'? (by the way, i want to ignore the extension in SQL/LDAP

Re: LDAP query not working

ldap:/opt/local/etc/postfix/ldap_virtual_mailbox_domains.cf > > I guess, since you used %2 in the query_filter, it will be the second > component from the right, > eg for "balius.com" %1 is com, and %2 is balius. Thus, to test this, you may > need the postmap > with -q balius.com

Re: LDAP query not working

query_filter, it will be the second component from the right, eg for "balius.com" %1 is com, and %2 is balius. Thus, to test this, you may need the postmap with -q balius.com instead of just balius (what you did). If you query just balius, it will be %1 (and not %2, what you use in you

LDAP query not working

I'm setting up LDAP to be used by Postfix, Dovecot, etc. for mail and other stuff. I'm not understanding why postfix is failing to find the virtual domain in question. I've got Dovecot setup and working against it, at least for authentication at this point. [root@mta03 /opt/local/etc/postfix

  1   2   3   4   5   >