Morning List.
Sorry for the trivial question.
I was just wondering where the best place for the fqrdns.regexp
"check_client_access".
I see on the systems I have inherited, it is in the
"smtpd_client_restrictions" which makes sense however
it is placed before the "permit_sasl_authenticated" l
I found the problem by investigating the address verification traffic
between
Postfix and Exchange. I noticed Postfix was not verifying recent
addresses at all
so I figured Postfix must be caching verification results somewhere.
Indeed, there is a /var/lib/verify_cache.db and it contained the
Hello,
is it possible to configure postfix not to send email with recipient
domains to certain MX host?
- Joe
Am 15.12.2011 12:44, schrieb Joe Wong:
> Hello,
>
> is it possible to configure postfix not to send email with recipient
> domains to certain MX host?
>
> - Joe
>
perhaps you need stuff like this
check_recipient_mx_access type:table
Search the specified access(5) database for the MX hosts
Gonzo Fernandez:
> I'm not sure I'm understanding the log file info you would like. I tried
> doing grep search for 8A2993E3003B on all log files under /var/log/* and only
> found the following line to show up:
>
> Dec 11 05:31:27 batch-ca4-02 postfix/cleanup[31691]: warning: 8A2993E3003B:
> re
Sahil Tandon:
> These warnings appear a few times daily, and are sometimes followed by:
>
> warning: disabling connection caching
>
> This occurs on a slightly older Postfix (2.7.1). The machine receives
> mail from the internet and relays everything (that it does not reject)
> to an internal m
Hi all
I need to understand why bounced emails sometimes don't have smtp status
code and is it available to add code for them? And also about emails that
are delivered to mailbox they don't have status code ?
Regards
Amira Othman:
> Hi all
>
> I need to understand why bounced emails sometimes don't have smtp status
> code and is it available to add code for them? And also about emails that
> are delivered to mailbox they don't have status code ?
According to RFC 3461:
(i) For DSNs resulting from attempts
On 12/15/2011 5:44 AM, Joe Wong wrote:
> Hello,
>
> is it possible to configure postfix not to send email with
> recipient domains to certain MX host?
>
> - Joe
>
http://www.postfix.org/postconf.5.html#check_recipient_mx_access
On 12/15/2011 2:30 AM, Tom Kinghorn wrote:
> Morning List.
>
> Sorry for the trivial question.
>
> I was just wondering where the best place for the fqrdns.regexp
> "check_client_access".
>
> I see on the systems I have inherited, it is in the
> "smtpd_client_restrictions" which makes sense howe
I'd like to use postcreen as some kind of spam protection. According to
documentation
* postscreen(8) should not be used on SMTP ports that receive mail
from end-user clients (MUAs). In a typical deployment, postscreen(8) is
used on the "port 25" service, while MUA clients submit mail via the
On Thursday 15 December 2011 01:34:53 Tomas Macek wrote:
> I'd like to have an whitelist based on hash: table, for
> example this http://www.howtoforge.com/how-to-whitelist-hosts-
> ip-addresses-in-postfix - it's simple.
>
> When I have a line
>
> 1.2.3.4 REJECT You were blacklisted
>
> it
Tomas Macek:
> I'd like to use postcreen as some kind of spam protection. According to
> documentation
>
> * postscreen(8) should not be used on SMTP ports that receive mail
> from end-user clients (MUAs). In a typical deployment, postscreen(8) is
> used on the "port 25" service, while MUA clie
On Thursday 15 December 2011 07:53:35 Tomas Macek wrote:
> I'd like to use postcreen as some kind of spam protection.
> According to documentation
>
> * postscreen(8) should not be used on SMTP ports that receive mail
> from end-user clients (MUAs). In a typical deployment,
> postscreen(8) is used
On Thu, Dec 15, 2011 at 08:19:18AM -0600, /dev/rob0 wrote:
> On Thursday 15 December 2011 07:53:35 Tomas Macek wrote:
> > I'd like to use postcreen as some kind of spam protection.
> > According to documentation
> >
> > * postscreen(8) should not be used on SMTP ports that receive mail
> > from en
G?bor L?n?rt:
> On Thu, Dec 15, 2011 at 08:19:18AM -0600, /dev/rob0 wrote:
> > On Thursday 15 December 2011 07:53:35 Tomas Macek wrote:
> > > I'd like to use postcreen as some kind of spam protection.
> > > According to documentation
> > >
> > > * postscreen(8) should not be used on SMTP ports tha
Hi Postfix Gurus!
Is there a possibility to store all incoming mail in a central folder at
postfix level. I am trying to find a nasty bug in one of our backend
systems which corrupts mail data before they arrive in the users's
inbox. Therefore i would like to store all imcoming mail unaltered
befor
On Thursday 15 December 2011 08:24:51 Gábor Lénárt wrote:
> On Thu, Dec 15, 2011 at 08:19:18AM -0600, /dev/rob0 wrote:
> > On Thursday 15 December 2011 07:53:35 Tomas Macek wrote:
> > > But we have clients, that send mails on both port 25 and
> > > 587. I really cannot use postscreen? I don't under
/dev/rob0:
> The old default of most MUAs to use port 25 was wrong, and it is now
> coming back to haunt you. That said, you have workarounds:
>
> - Use a different IP address for port 25 MX and submission mail
I've added this one to the documentation (a dedicated, non-MX,
submission service on
On Thu, Dec 15, 2011 at 04:30:34PM CET, Michael Weissenbacher
said:
> Hi Postfix Gurus!
> Is there a possibility to store all incoming mail in a central folder at
> postfix level. I am trying to find a nasty bug in one of our backend
> systems which corrupts mail data before they arrive in the us
On Thu, Dec 15, 2011 at 09:35:19AM -0600, /dev/rob0 wrote:
> > I am thinking to use postscreen with mail submission server as
> > well since its rbl check seems to be better in performance than
> > using smtpd's one.
>
> The difference is in how it is done. smtpd checks each DNSBL in
> sequence,
OK, I set notify_classes = resource, software, 2bounce
I tested with various bad email addresses in various scenarios.
The undeliverable notification always is sent to either:
the user's gmail mailbox.
the postmaster.
Here's how it works:
If localhost config is incorrect, then
postmaster
Hi!
>
> You can do this with recpients_bcc_maps
>
Well, as far as i know this just adds a "bcc" address to the message and
as a result the mail would still pass through amavis and through the
smarthost before leaving the system, thus it would get altered (and
destroyed if i hit the bug).
Hi,
I tried, it works but not the way I would like to implement. Say sender
sent a email to 3 recipients, one of them hit the rule. What I want is
sender will not get any bounce but the offending recipient will simply
dropped, while the other 2 will still get the email. Is this possible?
- Joe
On 15/12/2011 16:24, Michael Weissenbacher wrote:
Hi!
You can do this with recpients_bcc_maps
Well, as far as i know this just adds a "bcc" address to the message and
as a result the mail would still pass through amavis and through the
smarthost before leaving the system, thus it would get al
schrieb Mark Goodge:
> On 15/12/2011 16:24, Michael Weissenbacher wrote:
>> Hi!
>>>
>>> You can do this with recpients_bcc_maps
>>>
>> Well, as far as i know this just adds a "bcc" address to the message and
>> as a result the mail would still pass through amavis and through the
>> smarthost before
It should be delivered via the local transport, just set "-o content_filter="
under local in master.cf to override.
Kind Regards,
James Day
(IT Engineer)
Ontraq Limited
Tel: 01245 265100
Fax: 01245 265700
Web: www.ontraq.com
-Original Message-
From: owner-postfix-us...@postfix.org
On 15/12/2011 16:58, Michael Weissenbacher wrote:
schrieb Mark Goodge:
On 15/12/2011 16:24, Michael Weissenbacher wrote:
Hi!
You can do this with recpients_bcc_maps
Well, as far as i know this just adds a "bcc" address to the message and
as a result the mail would still pass through amavis
On 12/15/2011 10:34 AM, Joe Wong wrote:
> Hi,
>
> I tried, it works but not the way I would like to implement. Say
> sender sent a email to 3 recipients, one of them hit the rule. What
> I want is sender will not get any bounce but the offending recipient
> will simply dropped, while the other 2
Original Message
Subject: Re: Possibility to store all incoming mail (pre-content_filter)
From: Mark Goodge
To: postfix-users@postfix.org
Date: Thu Dec 15 2011 18:04:06 GMT+0100 (CET)
> On 15/12/2011 16:58, Michael Weissenbacher wrote:
>> schrieb Mark Goodge:
>>> On 15/12/2011
What about tcpdump capture?, then you can reasemble te tcp stream and see whats
going on.
You can save the capture to a file, then with wireshark you can reasemble the
tcpstream looking to those emails like in postfix. You can capture traffic
before your mta gets it.
Regards.
Saludos
Ing. Al
schrieb Alfonso Alejandro Reyes Jimenez:
> What about tcpdump capture?, then you can reasemble te tcp stream and see
> whats going on.
>
> You can save the capture to a file, then with wireshark you can reasemble the
> tcpstream looking to those emails like in postfix. You can capture traffic
>
On 12/15/2011 11:14 AM, Michael Weissenbacher wrote:
> Yeah, unlikely but possible. In fact the mail passes through 2 filters
> before being returned to postfix:
> postfix:25 -> amavis:10024 -> apache-james:10025 -> postfix:10026 ->
> smarthost
>
> All i can tell is that some mails (like 1 out of
schrieb James Day:
> It should be delivered via the local transport, just set "-o content_filter="
> under local in master.cf to override.
>
Clever. Tried it, but somehow it doesn't work. Mail still passes through
all the filters first. Maybe it's because of my odd filter chain:
postfix:25 -> ama
Michael,
> Yeah, unlikely but possible. In fact the mail passes through 2 filters
> before being returned to postfix:
> postfix:25 -> amavis:10024 -> apache-james:10025 -> postfix:10026 ->
> smarthost
>
> All i can tell is that some mails (like 1 out of 2) get corrupted in
> the process and e
>
> You may enable archive quarantine in your pre-queue amavis,
> e.g.:
>
> $archive_quarantine_method = 'local:archive-%m';
> $archive_quarantine_to = 'archive-quarantine'; # default
>
> to be able to compare a corrupted message to what was seen
> by amavisd. This would not help if a pr
schrieb Noel Jones:
>
>
> This sounds like one of the very rare cases where the obscure
> http://www.postfix.org/postconf.5.html#dont_remove
> option might be helpful.
>
> something like
> # main.cf
> dont_remove = 1
> hash_queue_names = deferred, defer, saved
>
> If you expect to have more tha
I wrote:
>
> Just one last question: what is the best way to inspect postfix's queue
> files? They look odd in vim :-)
>
OMG i'm sorry, i just found out about postcat [1] myself, silly me.
[1] http://www.postfix.org/postcat.1.html
Thanks for your help!
cheers,
Michael
On 12/15/2011 12:00 PM, Michael Weissenbacher wrote:
> schrieb Noel Jones:
>>
>>
>> This sounds like one of the very rare cases where the obscure
>> http://www.postfix.org/postconf.5.html#dont_remove
>> option might be helpful.
>>
>> something like
>> # main.cf
>> dont_remove = 1
>> hash_queue_name
schrieb Noel Jones:
>
>
> The previously supplied link suggests using the postcat(1) command.
> http://www.postfix.org/postconf.5.html#dont_remove
> http://www.postfix.org/postcat.1.html
>
>
>
> -- Noel Jones
>
Noel, you have been MOST helpful, thanks again! This substantinates my
choice o
Hi guys,
So far no luck searching for 8A2993E3003B. :(
The system is heavily used. From what I understand this machine relays all mail
to our main mx server and we have a lot of email being relayed daily. The
strange part is that it works all week up until late Saturday/Sunday in the AM
hours.
On 15/12/2011, at 5:28 PM, Noel Jones wrote:
>>
>> Thanks again... what if i just wanted postfix to check a mysql-based list of
>> approved sending email addresses and/or domains? e.g. NOT associate it with
>> a SASL login but has an approved sender list. e.g. all SASL login's would be
>> abl
On 12/15/2011 2:12 PM, Simon wrote:
>
> On 15/12/2011, at 5:28 PM, Noel Jones wrote:
>
>>>
>>> Thanks again... what if i just wanted postfix to check a mysql-based list
>>> of approved sending email addresses and/or domains? e.g. NOT associate it
>>> with a SASL login but has an approved sender
Gonzo Fernandez:
> Hi guys,
>
> So far no luck searching for 8A2993E3003B. :(
Can you then show some other pickup records?
Wietse
Wietse Venema:
> Gonzo Fernandez:
> > Hi guys,
> >
> > So far no luck searching for 8A2993E3003B. :(
>
> Can you then show some other pickup records?
In particular I am looking for NON-ERROR LOGGING from the pickup
daemon around the time of the incident.
Wietse
I run my own domain off a dynamic IP but all my postfix uses relayhost set to
smtp.myisp.
This works 99.9% of the time but I have encountered two recipients who use
Barracuda's that block email from my domain.
The bounce includes "(reason: 554 Service unavailable; Client host [smtp.myisp]
block
On Thursday, December 15, 2011 at 21:41:51 UTC, bjloc...@lockie.ca confabulated:
> I run my own domain off a dynamic IP but all my postfix uses relayhost set to
> smtp.myisp.
> This works 99.9% of the time but I have encountered two recipients
> who use Barracuda's that block email from my domain
On Thu, Dec 15, 2011 at 04:41:51PM -0500, James wrote:
> I run my own domain off a dynamic IP but all my postfix uses relayhost set to
> smtp.myisp.
> This works 99.9% of the time but I have encountered two recipients who use
> Barracuda's that block email from my domain.
>
> The bounce includes
Am 15.12.2011 22:41, schrieb James:
> I run my own domain off a dynamic IP but all my postfix uses relayhost set to
> smtp.myisp.
> This works 99.9% of the time but I have encountered two recipients who use
> Barracuda's that block email from my domain.
>
> The bounce includes "(reason: 554 Serv
On Thu, Dec 15, 2011 at 11:49:35AM -0800, Gonzo Fernandez wrote:
> /var/log/maillog:Dec 14 04:03:07 batch-ca4-02 postfix/sendmail[12280]: fatal:
> root(0): queue file write error
> /var/log/maillog:Dec 15 12:03:07 batch-ca4-02 postfix/postdrop[21744]:
> warning: uid=0: Illegal seek
In addition t
Am 15.12.2011 22:54, schrieb Robert Schetterer:
> you can try to delete your dny ip from the header
>
> read .i.e for ideas
>
> http://blog.tenak.net/2011/04/2011-04-dont-send-client-ip-postfix.html
you can not because you are not in the position to change
any "received from" of the target-se
Am 15.12.2011 22:54, schrieb Robert Schetterer:
> Am 15.12.2011 22:41, schrieb James:
>> I run my own domain off a dynamic IP but all my postfix uses relayhost set
>> to smtp.myisp.
>> This works 99.9% of the time but I have encountered two recipients who use
>> Barracuda's that block email from
On Thursday 15 December 2011 15:50:42 Duane Hill wrote:
> On Thursday, December 15, 2011 at 21:41:51 UTC, bjloc...@lockie.ca
> confabulated:
> > I run my own domain off a dynamic IP but all my postfix uses
> > relayhost set to smtp.myisp. This works 99.9% of the time but I
> > have encountered two
On Thu, 2011-12-15 at 07:09:15 -0500, Wietse Venema wrote:
> Sahil Tandon:
> > These warnings appear a few times daily, and are sometimes followed by:
> >
> > warning: disabling connection caching
> >
> > This occurs on a slightly older Postfix (2.7.1). The machine receives
> > mail from the i
Sahil Tandon:
> Dec 14 02:00:13 mx0 postfix/smtp[52172]: 82A9D8FC0A:
> to=, relay=internal.example.org[ip_address]:25,
> delay=1.8, delays=0.66/0/0/1.1, dsn=2.0.0, status=sent (250 2.0.0 Ok:
> queued as 47E9B1065670)
> Dec 14 02:00:18 mx0 postfix/smtp[52172]: warning: problem talking to
> service p
Lorens,
Thanks for your info about the mailbox size limit. I do have log watch running
and have not received any emails. Took care of that by expanding the size limit
to 20MB. As for doing a grep search on 884643E30022 (The ID that said stuck in
queue for 1 day), here is the output:
# egrep 88
Gonzo Fernandez:
> # egrep 884643E30022 /var/log/maillog
>
> Dec 12 10:08:50 batch-ca4-02 postfix/pickup[26935]: warning: 884643E30022:
> message has been queued for 1 days
> Dec 12 10:08:50 batch-ca4-02 postfix/pickup[26935]: 884643E30022: uid=500
> from=
What user acccount has uid=500? Is thi
Hi Wietse,
The UID 500 is from our batch email not spam. It constantly sends out emails to
our clients on a regular basis. Also, I turned off verbose logging on all
options. I originally turned it on to try and figure out why it was getting
stuck on the weekends, but now it is off. I will see i
On 12/15/2011 7:42 AM, Noel Jones wrote:
> On 12/15/2011 2:30 AM, Tom Kinghorn wrote:
>> Morning List.
>>
>> Sorry for the trivial question.
>>
>> I was just wondering where the best place for the fqrdns.regexp
>> "check_client_access".
>>
>> I see on the systems I have inherited, it is in the
>> "
On 12/15/2011 8:19 AM, /dev/rob0 wrote:
> The old default of most MUAs to use port 25 was wrong, and it is now
> coming back to haunt you. That said, you have workarounds:
>
> - Use a different IP address for port 25 MX and submission mail
If *all* your MUAs submitting to TCP 25 are on a known
On 12/15/2011 11:14 AM, Michael Weissenbacher wrote:
> All i can tell is that some mails (like 1 out of 2) get corrupted in
> the process and end up being unusable. I cannot disable amavis
> completely as spam hell would break lose. I cannot disable apache-james
> because it contains some cust
On Thu, Dec 15, 2011 16:34:08 PM -0600, /dev/rob0 wrote:
> Barracuda "Deep header parsing" is a disaster. A large percentage of
> legitimate mail from end users on dynamic IP addresses (most people
> are in that group) will be blocked.
Right. This is a well known fact. 2 years ago I publicly re
62 matches
Mail list logo
