hi
i have a little problem implementing alias-domains
the backend is dbmail with some additional tables and a inhouse
developed webui for dbmail/postfix/dovecot-proxy
i'm using "recipient_canonical_maps" as follows what works but
RCPT-Verify for "inva...@aliasdomain.tld" gives back that the
addre
Hi,
> Do you know any reliable Debian/Ubuntu repositories for the
> newest Postfix 2.8?
http://mysourceco.de
Is my repo. Clean patches to Postfix. It is in fact cloned from the Debian
2.7.0, but with review!
It also has Dovecot 2.09+Pigeonhole in it.
Regards
Christian
---
Roessner-Network-S
Hello all, Can somebody give me some feed back on putting a postfix mail
cluster
behind one off these new Fortimail appliances? We are getting 75 emails a
day and are currently using Cisco ironport devices. The biggest problem is
spam.
Thanks
Ralf
* Ralf W. :
> Hello all, Can somebody give me some feed back on putting a postfix
> mail cluster behind one off these new Fortimail appliances? We are
> getting 75 emails a day
Before or after filtering?
> and are currently using Cisco ironport devices. The biggest problem is
> spam.
Is
Hi list,
I have a client platform trying to send me a mail with a non-RFC
compliant sender address like '-test-mai...@mydomain.com'.
As they are unable to change this, I'm facing the task to have my
postfix accept this sender address but I keep getting the usual
'warning: Illegal address syntax'
* Ultrabug :
> Hi list,
>
> I have a client platform trying to send me a mail with a non-RFC
> compliant sender address like '-test-mai...@mydomain.com'.
allow_min_user = yes
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin F
Zitat von "Ralf W." :
Hello all, Can somebody give me some feed back on putting a postfix
mail cluster
behind one off these new Fortimail appliances? We are getting
75 emails a
day and are currently using Cisco ironport devices. The biggest problem is
spam.
Postfix properly configure
Am 06.02.2011 21:51, schrieb Mark Alan:
> On Sun, 06 Feb 2011 20:01:17 +0100, Robert Schetterer
> wrote:
>
>>> Do you know any reliable Debian/Ubuntu repositories for the
>>> newest Postfix 2.8?
>>
>> http://debian.incertum.net/
>
> Thank you, but the emphasis in my question was in 'reliable'.
>
Am 07.02.2011 09:24, schrieb Ralf W.:
> Hello all, Can somebody give me some feed back on putting a postfix mail
> cluster
> behind one off these new Fortimail appliances? We are getting 75 emails
> a
> day and are currently using Cisco ironport devices. The biggest problem is
> spam.
>
On Mon, 7 Feb 2011 00:40:16 -0500, Victor Duchovni
wrote:
> Debian Postfix has significant integration enhancements, dynamic
> loading of table drivers, Debian-specific SASL configuration
> directory, hostname setting in external file, ... Debian users should
> probably not build directly from un
On 07/02/2011 10:47, Ralf Hildebrandt wrote:
> * Ultrabug :
>> Hi list,
>>
>> I have a client platform trying to send me a mail with a non-RFC
>> compliant sender address like '-test-mai...@mydomain.com'.
>
> allow_min_user = yes
Solved, thanks a lot for your quick answer Ralf !
Regards
On Sun, 6 Feb 2011 22:22:52 +0100, Patrick Ben Koetter
wrote:
> If there are "significant differences that are not Debian related"
> Stefan certainly has had reasons to add them.
That's certainly a way to view things and I respect your opinion.
But it is hard to see the rationale in, for instan
Zitat von Reindl Harald :
hi
i have a little problem implementing alias-domains
the backend is dbmail with some additional tables and a inhouse
developed webui for dbmail/postfix/dovecot-proxy
i'm using "recipient_canonical_maps" as follows what works but
RCPT-Verify for "inva...@aliasdomain.t
Am 07.02.2011 11:51, schrieb lst_ho...@kwsoft.de:
> Zitat von Reindl Harald :
>
>> hi
>>
>> i have a little problem implementing alias-domains
>> the backend is dbmail with some additional tables and a inhouse
>> developed webui for dbmail/postfix/dovecot-proxy
>>
>> i'm using "recipient_canonic
On Sun, 6 Feb 2011 23:42:39 -0600, /dev/rob0 wrote:
> If you're capable of determining that Stefan is unreliable, you
> should also be capable of building your own reliable package, or
> that's what I'd expect, anyway.
I am. We are.
But as you very well know, one of the first rules of Open So
On Sun, 6 Feb 2011 18:52:15 +, Mark Alan
wrote:
> Do you know any reliable Debian/Ubuntu repositories for the
> newest Postfix 2.8?
[SOLVED]
For now we will use Christian Roessner's http://mysourceco.de
Ubuntu repository.
Our servers run on Ubuntu 10.04 & 10.10, so to install/upgrade to
Pos
Hi,
yesterday I encountered a problem. I already sent it to Wietse and he in turn
suggests to contact this list and ask, if somebody else out there can reproduce
this bug.
Here is the mail I sent to him:
Hi,
for some reason I encountered a segfault in smtpd - Postfix 2.8.0.
[1584207.718
Christian Roessner:
> I double checked that cacert.org's cert is in that path as well
> and that the c_hash exists, too. I did not find an answer and so
> I only changed the log level of smtpd_tls_loglevel = 1 to 3. This
> brought the segfault and this in the logs:
>
> Feb 6 19:11:54 mx postfix/m
Wietse Venema:
> Christian Roessner:
> > I double checked that cacert.org's cert is in that path as well
> > and that the c_hash exists, too. I did not find an answer and so
> > I only changed the log level of smtpd_tls_loglevel = 1 to 3. This
> > brought the segfault and this in the logs:
> >
> >
Hi,
I am using this piece of code to restrict access to some mail aliases
(only clients from the allowed IP addresses are permitted to send email
to the protected email addresses):
smtpd_restriction_classes = allowed_list1
allowed_list1 = check_client_access hash:/etc/postfix/client_acc
Hi,
Am 07.02.2011 um 15:39 schrieb Wietse Venema:
> Wietse Venema:
>> Christian Roessner:
>>> I double checked that cacert.org's cert is in that path as well
>>> and that the c_hash exists, too. I did not find an answer and so
>>> I only changed the log level of smtpd_tls_loglevel = 1 to 3. This
Christian Roessner:
> Patch applied:
>
> Feb 7 16:25:55 mx postfix/tlsproxy[10233]: initializing the server-side TLS
> engine
> Feb 7 16:25:55 mx postfix/tlsproxy[10233]: CONNECT from [127.0.0.1]:41711
> Feb 7 16:25:55 mx postfix/tlsproxy[10233]: setting up TLS connection from
> [127.0.0.1]:4
= 3 segfault in BOTH smtpd and tlsproxy. In addition,
it makes tlsproxy(8) actually log TLS transactions as expected.
It works around an undocumented OpenSSL mis-feature, by moving the
SSL_set_fd() call from tlsproxy(8) into the Postfix TLS library.
Apparently, SSL_set_fd() destroys call-back informa
Nikolaos Milas:
> hash:/etc/postfix/protected_destinations
>
> where /etc/postfix/protected_destinations is the same as above
> and /etc/postfix/client.cidr is:
>
> 10.10.10.0/25 OK
> 10.10.11.0/24 OK
As documented you can't use CIDR patterns in a HASH file.
Wietse Venema:
> It works around an undocumented OpenSSL mis-feature, by moving the
> SSL_set_fd() call from tlsproxy(8) into the Postfix TLS library.
> Apparently, SSL_set_fd() destroys call-back information that is
> already set up on an SSL handle. That was causing tlsproxy(8)'s
> verbose loggin
Thanks Wietse,
Sorry, I didn't notice in the documentation.
Could you please suggest any alternative with using subnetting for this
purpose?
Otherwise, we would have to include a very large number of unique IP
addresses in a hash file for client access control.
Thanks again,
Nick
On 7/2/
> where /etc/postfix/protected_destinations is for example:
>
> ...
> ali...@example.com allowed_list1
> ...
...
> However, when I try to use cidr tables (because I need to define
> subnets), it doesn't work correctly:
>
> smtpd_restriction_classes = allowed_list1
> allo
* Mark Alan :
> On Sun, 6 Feb 2011 22:22:52 +0100, Patrick Ben Koetter
> wrote:
>
> > If there are "significant differences that are not Debian related"
> > Stefan certainly has had reasons to add them.
>
> That's certainly a way to view things and I respect your opinion.
>
> But it is hard to
On 2/7/2011 10:15 AM, Nikolaos Milas wrote:
> Hi,
>
> I am using this piece of code to restrict access to some mail aliases
> (only clients from the allowed IP addresses are permitted to send
> email to the protected email addresses):
>
>smtpd_restriction_classes = allowed_list1
>allowed_li
* Robert Schetterer :
> whatever, i use this debs they are up and running,
> in ubuntu lucid
You should not use these packages on Ubuntu - they lack some of the
necessary triggers like e.g. ufw.
Cheers
Stefan
Sorry Wietse,
I don't understand.
You mean I shouldn't have changed the true domain names / IP addresses
in my email? (I usually do in mailing list posts, it's considered proper
conduct.)
If it's needed, I can provide the actual domain names / networks / files.
Would you please clarify?
Th
On Mon, Feb 07, 2011 at 05:49:38PM +0100, Stefan Foerster wrote:
> * Mark Alan :
> > On Sun, 6 Feb 2011 22:22:52 +0100, Patrick Ben Koetter
> > wrote:
> >
> > > If there are "significant differences that are not Debian
> > > related" Stefan certainly has had reasons to add them.
> >
> > That's
Thans Brian,
But, could I have used "allowed_list1= check_client_access
cidr:/etc/postfix/client.cidr,reject" ? Is this feasible?
I understand from Wietse's feedback that I couldn't use CIDR lookups in
a smtpd_restriction_classes statement which is used in a hash table in
smtpd_recipient_res
On Mon, 7 Feb 2011 17:49:38 +0100, Stefan Foerster
wrote:
> [chroot disabled]
> ... and the mysql client libraries
> will then try to use the unix socket. This socket is, of course, not
> present in the chroot.>
> Now I know there are better ways around this - use proxymap(8), e.g.,
> but frankl
On 2/7/2011 12:33 PM, Nikolaos Milas wrote:
> Thans Brian,
>
> But, could I have used "allowed_list1= check_client_access
> cidr:/etc/postfix/client.cidr,reject" ? Is this feasible?
>
Yes
> I understand from Wietse's feedback that I couldn't use CIDR lookups
> in a smtpd_restriction_classes state
* Mark Alan :
> On Mon, 7 Feb 2011 17:49:38 +0100, Stefan Foerster
> Apparently you did so just to cope with the novice user that does
> not know how to use MySQL with Postfix chrooted services.
Believe me, nothing is more annyoing than seeing other people
suffering from chroot related problems.
OK Brian,
Per your advice, I modified it as below:
smtpd_restriction_classes = allowed_list1
allowed_list1= check_client_access cidr:/etc/postfix/client.cidr,reject
smtpd_recipient_restrictions =
hash:/etc/postfix/protected_destinations,permit_mynetworks,permit_sasl_authenticated,re
Mark Alan:
> A quick google search shows that, for years, Wietse have been answering
> questions related with users trying to use chrooted parts of Postfix.
>
> But, I wonder, in his machines does he use chroot or not?
Indeed I do, helped by an OS that requires few files in the postfix
jail (etc/
Hi,
>> It works around an undocumented OpenSSL mis-feature, by moving the
>> SSL_set_fd() call from tlsproxy(8) into the Postfix TLS library.
>> Apparently, SSL_set_fd() destroys call-back information that is
>> already set up on an SSL handle. That was causing tlsproxy(8)'s
>> verbose logging to
On 2/7/2011 1:22 PM, Wietse Venema wrote:
Mark Alan:
A quick google search shows that, for years, Wietse have been answering
questions related with users trying to use chrooted parts of Postfix.
But, I wonder, in his machines does he use chroot or not?
Indeed I do, helped by an OS that require
On Mon, Feb 07, 2011 at 01:39:18PM -0500, Daniel Bromberg wrote:
> For the sake of curiosity and education, why is running chroot'd Postfix
> complicated?
Late binding. Cyrus SASL may dynamically load plugins. Table drivers may
dynamically do hostname lookups, CA certificates may need to retriev
Mark Alan:
> A quick google search shows that, for years, Wietse have been answering
> questions related with users trying to use chrooted parts of Postfix.
>
> But, I wonder, in his machines does he use chroot or not?
Wietse:
> > Indeed I do, helped by an OS that requires few files in the postfix
>> For the sake of curiosity and education, why is running chroot'd Postfix
>> complicated?
>
> Late binding. Cyrus SASL may dynamically load plugins. Table drivers may
> dynamically do hostname lookups, CA certificates may need to retrieved, ...
>
> The more features you enable that use externa
On Mon, Feb 07, 2011 at 08:15:49PM +0100, Christian Roessner wrote:
> But I also could say: The more features you enable, the more experienced
> you probably are.
You could also say something just to disagree or make the last point.
--
Viktor.
Christian Roessner:
> >> For the sake of curiosity and education, why is running chroot'd Postfix
> >> complicated?
> >
> > Late binding. Cyrus SASL may dynamically load plugins. Table drivers may
> > dynamically do hostname lookups, CA certificates may need to retrieved, ...
> >
> > The more fe
Hello,
is it somehow possible to tell postfix in which error cases the
smtp_fallback_relay should be used? I'm trying to find a way to seperate
real rejects from temporary errors. I want "my" postfix to use the
fallback only if a reject occured and not if a temporary error (like
from greylist
--On Monday, February 07, 2011 11:05 AM -0500 Wietse Venema
wrote:
Below is a patch that goes further. Like the earlier patch it fixes
the loglevel >= 3 segfault in BOTH smtpd and tlsproxy. In addition,
it makes tlsproxy(8) actually log TLS transactions as expected.
It works around an undocum
Le 07/02/2011 12:06, Mark Alan a écrit :
>[snip]
>
> No disrespect intended neither towards Stefan, nor towards his
> friends.
>
> But, to us, it would be difficult to use a Postfix repository that
> includes changes whose rationale we are not able to understand like, for
> instance, the followin
On 2/7/2011 1:31 PM, tobi wrote:
Hello,
is it somehow possible to tell postfix in which error cases
the smtp_fallback_relay should be used?
No.
I'm trying to find a
way to seperate real rejects from temporary errors. I want
"my" postfix to use the fallback only if a reject occured and
not
Quanah Gibson-Mount:
> --On Monday, February 07, 2011 11:05 AM -0500 Wietse Venema
> wrote:
>
> > Below is a patch that goes further. Like the earlier patch it fixes
> > the loglevel >= 3 segfault in BOTH smtpd and tlsproxy. In addition,
> > it makes tlsproxy(8) actually log TLS transactions as
--On Monday, February 07, 2011 2:47 PM -0500 Wietse Venema
wrote:
Quanah Gibson-Mount:
--On Monday, February 07, 2011 11:05 AM -0500 Wietse Venema
wrote:
> Below is a patch that goes further. Like the earlier patch it fixes
> the loglevel >= 3 segfault in BOTH smtpd and tlsproxy. In additio
On Mon, Feb 07, 2011 at 11:50:14AM -0800, Quanah Gibson-Mount wrote:
> ASCII mail involves having to do a bunch of otherwise unnecessary editing
> to preserve things like tabs in the patch files. Attachments are the
> standard practice for patches of every other open source software project I
* Victor Duchovni :
> On Mon, Feb 07, 2011 at 11:50:14AM -0800, Quanah Gibson-Mount wrote:
>
> > ASCII mail involves having to do a bunch of otherwise unnecessary editing
> > to preserve things like tabs in the patch files. Attachments are the
> > standard practice for patches of every other op
--On Monday, February 07, 2011 3:06 PM -0500 Victor Duchovni
wrote:
Tabs are equally well preserved in the message body as in attachments.
I applied the patch directly from the message source. Perhaps your
mail client does not make the message body available for saving into
a file?
I use mutt
On Mon, Feb 07, 2011 at 08:31:03PM +0100, tobi wrote:
> Is it somehow possible to tell postfix in which error cases the
> smtp_fallback_relay should be used?
The fallback relay is used precisely when delivery tempfails.
> I'm trying to find a way to seperate
> real rejects from temporary error
On Mon, Feb 07, 2011 at 12:32:55PM -0800, Quanah Gibson-Mount wrote:
> --On Monday, February 07, 2011 3:06 PM -0500 Victor Duchovni
> wrote:
>
>> Tabs are equally well preserved in the message body as in attachments.
>> I applied the patch directly from the message source. Perhaps your
>> mail c
On Mon, 7 Feb 2011 14:21:39 -0500 (EST), Wietse Venema
wrote:
> Except for all those beginners that get into trouble because they
> use someone elses cookbook instructions instead of their own
> expertise.
And instead of being continuously consumed by same beginner questions,
wouldn't it be easi
Quanah Gibson-Mount:
> --On Monday, February 07, 2011 2:47 PM -0500 Wietse Venema
> wrote:
>
> > Quanah Gibson-Mount:
> >> --On Monday, February 07, 2011 11:05 AM -0500 Wietse Venema
> >> wrote:
> >>
> >> > Below is a patch that goes further. Like the earlier patch it fixes
> >> > the loglevel
--On Monday, February 07, 2011 3:39 PM -0500 Victor Duchovni
wrote:
I can "Save As" just fine, the point is I don't want or need all the
cruft from the message, just the patch itself. It's cleaner and
simpler.
The "patch" command automatically deals with (ignores) non-patch
content. The cr
--On Monday, February 07, 2011 3:50 PM -0500 Wietse Venema
wrote:
The mailing list is not a repository.
That may be. However, I tend to check useful patches into *our*
repository. I'm sure that is not uncommon for organizations like Debian,
Ubuntu, etc, as well.
--Quanah
--
Quanah Gi
Mark Alan:
> On Mon, 7 Feb 2011 14:21:39 -0500 (EST), Wietse Venema
> wrote:
>
> > Except for all those beginners that get into trouble because they
> > use someone elses cookbook instructions instead of their own
> > expertise.
>
> And instead of being continuously consumed by same beginner que
Daniel Bromberg put forth on 2/7/2011 12:39 PM:
> Finally, how does one use Postfix properly in the possessive? "Postfix's,
> Postfixs', Postfix', and Postfixes" all look wrong.
Go the Romance language route and use "of". Example, instead of using
Postfix' smtpd_foo_restrictions
use
smtpd_foo
Wietse Venema put forth on 2/7/2011 1:05 PM:
> getpwnam() is not a good example because Postfix uses proxymap from
> inside the jail, but you get the idea.
Here's a good example Wietse, one you helped me figure out/fix a couple of years
ago. Before Lenny (Released Feb 2009), Debian didn't create
Zitat von Reindl Harald :
Am 07.02.2011 11:51, schrieb lst_ho...@kwsoft.de:
Zitat von Reindl Harald :
hi
i have a little problem implementing alias-domains
the backend is dbmail with some additional tables and a inhouse
developed webui for dbmail/postfix/dovecot-proxy
i'm using "recipient
I have parenthetically asked in another - solved - thread if postfix
offers the ability to control access to specific mail addresses using as
a key the authenticated usernames (and got no reply).
So, I am posting this as a new thread, hoping that someone has faced
this scenario.
The idea is:
On 02/07/2011 11:57 PM, Nikolaos Milas wrote:
I have parenthetically asked in another - solved - thread if postfix
offers the ability to control access to specific mail addresses using
as a key the authenticated usernames (and got no reply).
So, I am posting this as a new thread, hoping that s
On 2/7/2011 4:57 PM, Nikolaos Milas wrote:
I have parenthetically asked in another - solved - thread if
postfix offers the ability to control access to specific mail
addresses using as a key the authenticated usernames (and got
no reply).
So, I am posting this as a new thread, hoping that someon
Am 07.02.2011 22:56, schrieb lst_ho...@kwsoft.de:
> This is your source of recipient checking...
> So it matters what you get from this by querying with "postmap -q
>
> mysql:/etc/postfix/mysql-recipients.cf
exactly this is the reason why i need a working domain-alias
"mysql-recipients.cf" is
On 2/7/2011 5:44 PM, Reindl Harald wrote:
Am 07.02.2011 22:56, schrieb lst_ho...@kwsoft.de:
This is your source of recipient checking...
So it matters what you get from this by querying with "postmap
-q
mysql:/etc/postfix/mysql-recipients.cf
exactly this is the reason why i need a working do
Unlike previous postfix releases, postconf changes the ownership of the
"main.cf" file when it is executed. This breaks things that specifically
set the ownership on main.cf prior to executing postconf.
I can reproduce this quite easily by touching a file as the user ID I want
to own it, and
On Mon, Feb 07, 2011 at 09:17:10PM -0800, Quanah Gibson-Mount wrote:
> Unlike previous postfix releases, postconf changes the ownership of the
> "main.cf" file when it is executed. This breaks things that specifically
> set the ownership on main.cf prior to executing postconf.
The main.cf file
On Tue, Feb 08, 2011 at 12:48:26AM -0500, Victor Duchovni wrote:
> The code that implemenents "postconf -e" main.cf updates has not changed
> since Postfix 2.6. The main.cf file is given the original permissions, but
> no attempt is made to explicitly assign an owner.
Sorry, the mode is is not pr
Am 08.02.2011 02:28, schrieb Noel Jones:
> Don't use "domain aliases"
That is not a solution nor a workaround because many business
clients have a couple of domains and wnats to receive mail for
all addresses in all of them because peopole visit a homepage
often take the domain in the address
On Tue, Feb 08, 2011 at 07:18:57AM +0100, Reindl Harald wrote:
>
>
> Am 08.02.2011 02:28, schrieb Noel Jones:
>
> > Don't use "domain aliases"
>
> That is not a solution nor a workaround because many business
> clients have a couple of domains and wnats to receive mail for
> all addresses in
--On February 8, 2011 12:54:41 AM -0500 Victor Duchovni
wrote:
On Tue, Feb 08, 2011 at 12:48:26AM -0500, Victor Duchovni wrote:
The code that implemenents "postconf -e" main.cf updates has not changed
since Postfix 2.6. The main.cf file is given the original permissions,
but no attempt is
On Mon, Feb 07, 2011 at 10:33:13PM -0800, Quanah Gibson-Mount wrote:
>> Sorry, the mode is is not preserved either, it is always set to 0644, and
>> always has been set to 0644 (as far back as Postfix 1.0).
>
> Yeah, you're right. Something else has been changing the ownership
> back,and is no l
Zitat von Reindl Harald :
Am 07.02.2011 22:56, schrieb lst_ho...@kwsoft.de:
This is your source of recipient checking...
So it matters what you get from this by querying with "postmap -q
mysql:/etc/postfix/mysql-recipients.cf
exactly this is the reason why i need a working domain-alias
Hm, OK, i will start my IDE and develop something nice
local_recipient_maps = mysql:/etc/postfix/mysql-recipients.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias.cf
Can i use both as above because "mysql-recipients.cf" are from
the dbmail-alias-table and i would like to implement a
78 matches
Mail list logo
