Re: relay_recipient_maps and LDAP as backend

On 10/27/2011 08:25 AM, Nikolaos Milas wrote: > Now come on, Nerijus, there is no associated security risk with that. If > you feel uneasy, create a separate LDAP user with proper access rights > just for postfix use. Providing postfix user with read access to lookup > tables won't cause any harm t

Re: Config check

> No, since that will only whitelist the sender part; > smtpd_recipient_restrictions may still reject the message or the > recipient(s). > Put the sender check in smtpd_recipient_restrictions instead. So would this work: smtpd_recipient_restrictions = permit_sasl_authenticated, check_sender_acces

Fwd: Config check

>So would this work: > >smtpd_recipient_restrictions = permit_sasl_authenticated, >check_sender_access hash:/usr/pkg/etc/postfix/sender_access, >reject_unauth_destination, reject_unauth_pipelining, reject_rbl_client >zen.spamhaus.org, check_policy_service inet:127.0.0.1:10023, permit > >As in the m

Connect only via TLS,for send and fetch mail

Hi I want to users can access only via TLS to our MTA system,both for sending mail and fetching mail. Of course I have configured TLS in main.cf and users can connect via TLS,but if users do not set "TLS" option in own mail client,also they can connect to system. For pop3 server I have setup doveco

Send periodic announcement to our customers

Hi In our company we want to send periodic announcement or newsletter mail to our customers (approximate 5 e-mail). because most of our customers have email account on yahoo and google and AOL mail services, I concern about that these mail services detect our emails as spam! Is there any recomm

Re: Send periodic announcement to our customers

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 nima chavooshi said the following on 27/10/11 13:42: > Is there any recommendation for send bulk mail ? 1) Use dedicated announcement services. 2) Route the emails to your ISP's MTA Ciao, luigi - -- / +--[Luigi Rosa]-- \ Osborn's Law: Variable

Re: Send periodic announcement to our customers

On 28/10/11 00:42, nima chavooshi wrote: > Hi > In our company we want to send periodic announcement or newsletter mail > to our customers (approximate 5 e-mail). because most of our > customers have email account on yahoo and google and AOL mail services, > I concern about that these mail serv

Re: Send periodic announcement to our customers

On 27 October 2011 07:42, nima chavooshi wrote: > Hi > In our company we want to send periodic announcement or newsletter mail to > our customers (approximate 5 e-mail). because most of our customers have > email account on yahoo and google and AOL mail services, I concern about > that these m

Re: Config check

On Thursday 27 October 2011 03:43:26 IT geek 31 wrote: > > No, since that will only whitelist the sender part; > > smtpd_recipient_restrictions may still reject the message or the > > recipient(s). > > Put the sender check in smtpd_recipient_restrictions instead. > > So would this work: > > smtpd

Re: Good tutorial on basic, outgoing-only mail

Ren? Fournier: > Well, I checked, I was off a bit. About 10,000 per day. Still low > though it seems. If you send these in a short span of time, then you're still sending bursts of 1000+ messages to major ISPs and are likely to be dropped/deferred/etc. by some, and I recommend taking a look at the

server side filtering system

Hi all, What is the best server side filtering system that can move emails at different subfolders at mailbox? Glad to listen any suggestions, recommendations -- Ilya Pichugin

Re: Good tutorial on basic, outgoing-only mail

> postmaster webpages on http://wiki.wordtothewise.com/ to find out Well *THAT* was a useful link. Thanks! -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 1

Re: server side filtering system

* Ilya Pichugin : > Hi all, > > What is the best server side filtering system that can move emails > at different subfolders at mailbox? sieve -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D

Re: server side filtering system

Am 27.10.2011 15:54, schrieb Ilya Pichugin: > Hi all, > > What is the best server side filtering system that can move emails > at different subfolders at mailbox? > Glad to listen any suggestions, recommendations > > there is no best, there are i.e. maildrop, procmail , sieve choose what fits be

Re: Connect only via TLS,for send and fetch mail

On 10/27/2011 6:15 AM, nima chavooshi wrote: > Hi > I want to users can access only via TLS to our MTA system,both for > sending mail and fetching mail. Of course I have configured TLS in > main.cf and users can connect via TLS,but if users > do not set "TLS" option in own mail cli

smtpd_recipient_restrictions

Hi I know this gets beaten to death on a regular basis, but sometimes I get in a muddle and I'd appreciate a sanity check. Currently my main.cf looks like: ## SPAM STUFF and REJECT CODES ## smtpd_recipient_restrictions = reject_non_fqdn_sender, reject_non_fqdn_recipient, permit_

Re: smtpd_recipient_restrictions

On Thursday 27 October 2011 10:32:54 Simon Brereton wrote: > I know this gets beaten to death on a regular basis, but sometimes Indeed it does, such as ... today! Read the "Config check" thread. > I get in a muddle and I'd appreciate a sanity check. Currently my > main.cf looks like: > > ## SPA

smtp-sink shows one more empty EHLO option

Seems like the smtp-sink appends one empty EHLO option at the end of its reply to an ehlo command. Should this be fixed? - my content filter is currently logging a warning, I wonder if I should remove the warning :) Using postfix-current-2.9.20111012 from FreeBSD ports. $ smtp-sink 127.0.0.1:200

Re: smtp-sink shows one more empty EHLO option

Mark Martinec: > Seems like the smtp-sink appends one empty EHLO option > at the end of its reply to an ehlo command. > Should this be fixed? - my content filter is currently logging > a warning, I wonder if I should remove the warning :) > > Using postfix-current-2.9.20111012 from FreeBSD ports.

Re: smtp-sink shows one more empty EHLO option

On Thursday, October 27, 2011, 13:07:37, Wietse Venema wrote: > Mark Martinec: >> Seems like the smtp-sink appends one empty EHLO option >> at the end of its reply to an ehlo command. >> Should this be fixed? - my content filter is currently logging >> a warning, I wonder if I should remove the war

Re: smtpd_recipient_restrictions

On 27 October 2011 12:07, /dev/rob0 wrote: > On Thursday 27 October 2011 10:32:54 Simon Brereton wrote: >> I know this gets beaten to death on a regular basis, but sometimes > > Indeed it does, such as ... today! Read the "Config check" thread. It's tricky enough understanding my config, let alon

Re: smtp-sink shows one more empty EHLO option

> Nope, RFC 2821 and RFC 5321 still has the same text. > It even goes on to say ... RFC 5321 does not allow empty ehlo-keyword: section 4.1.1.1: ehlo-ok-rsp= ( "250" SP Domain [ SP ehlo-greet ] CRLF ) / ( "250-" Domain [ SP ehlo-greet ] CRLF *( "250

Re: smtp-sink shows one more empty EHLO option

Mark Martinec: > > Nope, RFC 2821 and RFC 5321 still has the same text. > > It even goes on to say ... > > RFC 5321 does not allow empty ehlo-keyword: > > section 4.1.1.1: > >ehlo-ok-rsp= ( "250" SP Domain [ SP ehlo-greet ] CRLF ) > / ( "250-" Domain [ SP ehlo-greet ]

Re: PROPOSED PATCH. Please test (was: Odd postfix LDAP behavior)

--On October 27, 2011 4:14:12 AM + Viktor Dukhovni wrote: Therefore, I propose the following Postfix fix/work-around which is required for anyone running Postfix 2.3 or later, linked with OpenLDAP 2.4 or later (perhaps even late 2.3.x releases, I just compared OpenLDAP 2.3.4 with 2.4.23

Re: PROPOSED PATCH. Please test (was: Odd postfix LDAP behavior)

--On October 27, 2011 4:25:07 PM -0700 Quanah Gibson-Mount wrote: +#define FREE_RESULT 0 +if ((rc = ldap_parse_sasl_bind_result(dict_ldap->ld, res, 0, FREE_RESULT)) != LDAP_SUCCESS) + return (rc); + +return(ldap_result2error( dict_ldap->ld, res, 1 )); Two notes: The requir

Re: PROPOSED PATCH. Please test (was: Odd postfix LDAP behavior)

Quanah Gibson-Mount: > > > --On October 27, 2011 4:25:07 PM -0700 Quanah Gibson-Mount > wrote: > > > +#define FREE_RESULT 0 > > +if ((rc = ldap_parse_sasl_bind_result(dict_ldap->ld, res, 0, > > FREE_RESULT)) != LDAP_SUCCESS) > > + return (rc); > > + > > +return(ldap_result2error(

Re: PROPOSED PATCH. Please test (was: Odd postfix LDAP behavior)

--On October 27, 2011 8:14:51 PM -0400 Wietse Venema wrote: We don't create Postfix from scratch with each release; instead we use an evolutionary approach. This results in similarities between releases. Of course. I was simply pointing out that if you are going to fix this bug, it need

Re: PROPOSED PATCH. Please test (was: Odd postfix LDAP behavior)

Quanah Gibson-Mount: > > > --On October 27, 2011 8:14:51 PM -0400 Wietse Venema > wrote: > > > We don't create Postfix from scratch with each release; instead we > > use an evolutionary approach. This results in similarities between > > releases. > > Of course. I was simply pointing out that

Re: PROPOSED PATCH. Please test (was: Odd postfix LDAP behavior)

--On October 27, 2011 8:45:34 PM -0400 Wietse Venema wrote: Your post read like hey look what I found the same bug is in older releases. If my explanation is viewed as hostile, then don't read my replies. I will in return not read your posts. The original response from Viktor had: Natura

Implementing quota based rejection

Hi, I've been doing a bit of research into implementing quota based rejections for incoming messages with postfix. I want to do this before I hand it off to my LDA (which currently is handling the quota rejections) so that I can reject mail and stop sending backscatter when a recipient is over-qu

4.2.1 or 5.2.1 message with disabled mailboxes in sql virtual hosting

Hi, I have a virtual mailbox environment and mailboxes are mapped into postfix from mysql with the following map: virtual_mailbox_maps = proxy:mysql:.../mysql_virtual_mailbox_maps.cf The map queries the database as such: SELECT maildir FROM mailbox WHERE username='%s' AND active

Re: PROPOSED PATCH. Please test (was: Odd postfix LDAP behavior)

On Thu, Oct 27, 2011 at 05:55:21PM -0700, Quanah Gibson-Mount wrote: > The original response from Viktor had: > > Naturally also post the Postfix table definition, which will indicate > whether you're using simple or SASL binds. If possible try both, > and report any difference in behaviour, sinc

Re: PROPOSED PATCH. Please test (was: Odd postfix LDAP behavior)

--On October 28, 2011 2:18:22 AM + Viktor Dukhovni wrote: On Thu, Oct 27, 2011 at 05:55:21PM -0700, Quanah Gibson-Mount wrote: The original response from Viktor had: Naturally also post the Postfix table definition, which will indicate whether you're using simple or SASL binds. If po

Re: PROPOSED PATCH. Please test (was: Odd postfix LDAP behavior)

On Thu, Oct 27, 2011 at 04:25:07PM -0700, Quanah Gibson-Mount wrote: > >Therefore, I propose the following Postfix fix/work-around which > >is required for anyone running Postfix 2.3 or later, linked with > >OpenLDAP 2.4 or later (perhaps even late 2.3.x releases, I just > >compared OpenLDAP 2.3.4

Re: PROPOSED PATCH. Please test (was: Odd postfix LDAP behavior)

--On October 28, 2011 2:27:32 AM + Viktor Dukhovni wrote: A better solution is required, I'll post an updated proposal tomorrow. Sounds good! --Quanah -- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc Zimbra :: the leader in open source messaging a

RE: Implementing quota based rejection

Hi again, It figures, after finally giving up and posting this, I found what appears to be a simple solution. You can configure dovecot use various back ends, I'll just tell it to save quota information to mysql. I can then in postfix, use check_recipient_access in smtpd_recipient_restrictions t

Re: Implementing quota based rejection

On 10/27/2011 8:54 PM, Fred Kilbourn wrote: > * Should be able to calculate the true message size, not simply trust any > size headers sent. True message size can only be determined after the DATA phase of the conversation has ended. > * Should handle multi-recipient messages somewhat gracefully.

Re: Implementing quota based rejection

On 10/27/2011 9:42 PM, Fred Kilbourn wrote: > Hi again, > > It figures, after finally giving up and posting this, I found what appears > to be a simple solution. > > You can configure dovecot use various back ends, I'll just tell it to save > quota information to mysql. > > I can then in postfix

Re: 4.2.1 or 5.2.1 message with disabled mailboxes in sql virtual hosting

On Thursday 27 October 2011 20:59:47 Fred Kilbourn wrote: > I have a virtual mailbox environment and mailboxes are mapped into > postfix from mysql with the following map: > > virtual_mailbox_maps = > proxy:mysql:.../mysql_virtual_mailbox_maps.cf > > The map queries the database as such: >

Re: PROPOSED PATCH. Please test (was: Odd postfix LDAP behavior)

On Thu, Oct 27, 2011 at 07:22:05PM -0700, Quanah Gibson-Mount wrote: > The issue I fixed today would affect any postfix build with an > OpenLDAP API at least as far back as OpenLDAP 2.1. What postfix > revisions you fix are entirely up to you of course, and I think > reasonably I wouldn't expect

Re: Implementing quota based rejection

Am 28.10.2011 03:54, schrieb Fred Kilbourn: > Hi, > > I've been doing a bit of research into implementing quota based rejections > for incoming messages with postfix. I want to do this before I hand it off > to my LDA (which currently is handling the quota rejections) so that I can > reject mail