found a "bug" on postfix 2.9.1

2012-03-06 Thread Eliezer Croitoru
OS:Gentoo latest built with kernel 3.2.1 with hardened profile POSTFIX: v 2.9.1 when I'm configuring on master.cf some listening to port on IP address that doesn't exist on any interface such as for communicating with amavis (as if my IP is 192.168.0.20 and I will put 192.168.0.21:25) postfix w

Re: postfix-users@postfix.org: difference between "verify" and "secure"

2012-03-06 Thread Robert Dahlem
On 05.03.2012 19:39, Wietse Venema wrote: >> 366AE26E2B: to=, relay=s2.mydomain.de[192.168.1.1]:25, >> ..., dsn=4.7.5, status=deferred (Server certificate not verified) >> == >> >> So my understanding of the difference between "verify

LDAP aliases

2012-03-06 Thread Frank Bonnet
Hello I have a small problem with LDAP aliases at 2.9.1 but cannot find what I missed ... in main.cf I have the following alias_maps = hash:/etc/mail/aliases, ldap:/usr/local/etc/postfix/ldap-aliases.cf in ldap-aliases.cf I have the following server_host = my.ldap.server search_base = ou=Us

Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Wietse Venema
Eliezer Croitoru: > OS:Gentoo latest built with kernel 3.2.1 with hardened profile > POSTFIX: v 2.9.1 > when I'm configuring on master.cf some listening to port on IP address > that doesn't exist on any interface such as for communicating with > amavis (as if my IP is 192.168.0.20 and I will put

Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Wietse Venema
Wietse Venema: > Eliezer Croitoru: > > OS:Gentoo latest built with kernel 3.2.1 with hardened profile > > POSTFIX: v 2.9.1 > > when I'm configuring on master.cf some listening to port on IP address > > that doesn't exist on any interface such as for communicating with > > amavis (as if my IP is 1

Re: LDAP aliases

2012-03-06 Thread Reinaldo de Carvalho
On Tue, Mar 6, 2012 at 8:36 AM, Frank Bonnet wrote: > > in main.cf I have the following > > alias_maps = hash:/etc/mail/aliases, > ldap:/usr/local/etc/postfix/ldap-aliases.cf > > in ldap-aliases.cf I have the following > > server_host = my.ldap.server > search_base = ou=Users,dc=xxx,dc=xx > query_

Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Jerry
On Tue, 06 Mar 2012 12:37:02 +0200 Eliezer Croitoru articulated: > OS:Gentoo latest built with kernel 3.2.1 with hardened profile > POSTFIX: v 2.9.1 > when I'm configuring on master.cf some listening to port on IP > address that doesn't exist on any interface such as for communicating > with amavi

Re: Relay access denied problem

2012-03-06 Thread Larry Stone
On Mar 5, 2012, at 8:41 PM, David Renstrom wrote: > Hi, > > I've set up a mail server with Postfix and Dovecot using virtual mailboxes. > I'm now trying to get mailman to work together with Postfix which has turned > out to be harder than I thought. :( ... > I think I have entered everything c

Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Eray Aslan
On Tue, Mar 06, 2012 at 07:03:04AM -0500, Wietse Venema wrote: > > /etc/postfix/master.cf: > > 1.2.3.4:25 inet n - n - 1 whatever > > > > # postfix stop > > # postfix start > > # tail -3 /var/log/maillog > > Mar 6 06:53:25 tail postfix/master[60082]: terminating

Re: LDAP aliases

2012-03-06 Thread Frank Bonnet
On 03/06/2012 01:09 PM, Reinaldo de Carvalho wrote: On Tue, Mar 6, 2012 at 8:36 AM, Frank Bonnet wrote: in main.cf I have the following alias_maps = hash:/etc/mail/aliases, ldap:/usr/local/etc/postfix/ldap-aliases.cf in ldap-aliases.cf I have the following server_host = my.ldap.server search

Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Wietse Venema
Eray Aslan: > # postfix start > postfix/postfix-script: starting the Postfix mail system > # echo $? > 0 As documented in the Postfix manpage: start Start the Postfix mail system. This also runs the configuration check described above. status Indicate if the Postfix mail system

Re: complex policy -- how best to implement in Postfix?

2012-03-06 Thread Ben Rosengart
On Mon, Mar 05, 2012 at 08:05:54PM -0500, Wietse Venema wrote: > Ben Rosengart: > > On Mon, Mar 05, 2012 at 02:30:16PM -0500, Wietse Venema wrote: > > > Ben Rosengart: > > > > > then use smtp_generic_maps, to convert from the Postfix-canonical > > > > > form to that specific external form. > > > >

Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Eray Aslan
On Tue, Mar 06, 2012 at 08:40:16AM -0500, Wietse Venema wrote: >start Start the Postfix mail system. This also runs the configuration > check described above. > >status Indicate if the Postfix mail system is currently running. This does introduce a non-negligible delay in startu

Re: postfix-users@postfix.org: difference between "verify" and "secure"

2012-03-06 Thread Viktor Dukhovni
On Tue, Mar 06, 2012 at 11:52:54AM +0100, Robert Dahlem wrote: > /etc/postfix/transport: > test1.prv smtp:[s2.mydomain.de] > /etc/postfix/tls_policy: > [s2.mydomain.de]verify > == > s2.mydomain.de[192.168.1.1]:25: Trus

Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Wietse Venema
Eray Aslan: > On Tue, Mar 06, 2012 at 08:40:16AM -0500, Wietse Venema wrote: > >start Start the Postfix mail system. This also runs the configuration > > check described above. > > > >status Indicate if the Postfix mail system is currently running. > > This does introduce a non-ne

Re: [SPAM] Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Stéphane MERLE
Le 06/03/2012 17:48, Wietse Venema a écrit : Eray Aslan: On Tue, Mar 06, 2012 at 08:40:16AM -0500, Wietse Venema wrote: start Start the Postfix mail system. This also runs the configuration check described above. status Indicate if the Postfix mail system is currently run

submission users still rejected by zen

2012-03-06 Thread Alex
Hi, I have a postfix-2.8.7 system with amavisd on fedora15 and am having some problems with users being rejected by zen even when connecting to the server using the submission port. I believe this has to do with my smtpd_client_restrictions being incorrect. Because of the way in which I have the o

Re: postfix-users@postfix.org: difference between "verify" and "secure"

2012-03-06 Thread Robert Dahlem
On 06.03.2012 16:57, Viktor Dukhovni wrote: >> It's just that its CN does not match the server name, but that >> should be ok when using "verify" (and not when using "secure"). > Considering that Postfix documentation does not say this, and > clearly states the opposite, you're just overloading y

How to delete a key via postconf

2012-03-06 Thread Quanah Gibson-Mount
With the newer postfix releases (such as 2.9.x), some keys only exist when a feature is enabled. For example: policy_time_limit If I set policy_time_limit and then later disable using a policy, I can't find a way to get it deleted from main.cf with postconf. If I set it to an empty value, it

Re: How to delete a key via postconf

2012-03-06 Thread Wietse Venema
Quanah Gibson-Mount: > With the newer postfix releases (such as 2.9.x), some keys only exist when > a feature is enabled. For example: policy_time_limit Correct. > If I set policy_time_limit and then later disable using a policy, I can't > find a way to get it deleted from main.cf with postcon

Re: How to delete a key via postconf

2012-03-06 Thread Quanah Gibson-Mount
--On Tuesday, March 06, 2012 1:11 PM -0500 Wietse Venema wrote: Hi Wietse, I noted in my initial email why this is not a desirable solution. # postconf -# policy_time_limit After: /etc/postfix/main.cf: #policy_time_limit = foo #policy_time_limit = bar The problem with this approach is

Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Eray Aslan
On Tue, Mar 06, 2012 at 11:48:35AM -0500, Wietse Venema wrote: > I think that making everyone wait would be another example of > well-meaning people doing things that give Postfix a bad reputation. postfix start exits successfully but postfix doesn't work, resulting in a WTF moment for the user.

Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Stan Hoeppner
On 3/6/2012 10:48 AM, Wietse Venema wrote: > - Turning on chroot by default. Many Debian etc. users get into > trouble when they make an innocuous configuration change to the > SMTP daemon. Postfix has no defense for this brain damage. Is this the syslog socket issue Wietse or another issue? Deb

Re: How to delete a key via postconf

2012-03-06 Thread Wietse Venema
Quanah Gibson-Mount: > --On Tuesday, March 06, 2012 1:11 PM -0500 Wietse Venema > wrote: > > Hi Wietse, > > I noted in my initial email why this is not a desirable solution. I ignored your objection, because it made no sense to me. I have learned that it is better to ignore things that make no s

Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Wietse Venema
Eray Aslan: > On Tue, Mar 06, 2012 at 11:48:35AM -0500, Wietse Venema wrote: > > I think that making everyone wait would be another example of > > well-meaning people doing things that give Postfix a bad reputation. > > postfix start exits successfully but postfix doesn't work, resulting in a > WT

Re: submission users still rejected by zen

2012-03-06 Thread Stan Hoeppner
On 3/6/2012 11:03 AM, Alex wrote: > I've just noticed I'm using reject_rbl_client and have postscreen > using the RBLs as well. I'll remove the ones from the > smtpd_client_restrictions, but could this possibly be causing mail to > be rejected even when connecting via the submission port? > Any i

Re: submission users still rejected by zen

2012-03-06 Thread /dev/rob0
Sorry for the long post, but I am leaving in the entire quoted message. On Tue, Mar 06, 2012 at 12:03:23PM -0500, Alex wrote: > I have a postfix-2.8.7 system with amavisd on fedora15 and am > having some problems with users being rejected by zen even when > connecting to the server using the su

Re: submission users still rejected by zen

2012-03-06 Thread Stan Hoeppner
On 3/6/2012 11:03 AM, Alex wrote: > --master.cf-- > submission inet n - n - - smtpd > -o smtpd_tls_security_level=encrypt > -o smtpd_sasl_auth_enable=yes > -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_recipient_restrictions= -o

[OT] Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Michael Orlitzky
On 03/06/12 14:10, Wietse Venema wrote: > Eray Aslan: >> On Tue, Mar 06, 2012 at 11:48:35AM -0500, Wietse Venema wrote: >>> I think that making everyone wait would be another example of >>> well-meaning people doing things that give Postfix a bad reputation. >> >> postfix start exits successfully b

Re: [OT] Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Wietse Venema
Michael Orlitzky: > backup2 ~ # killall -9 /usr/lib64/postfix/master > backup2 ~ # /etc/init.d/postfix start >* WARNING: postfix has already been started That is a bug in an init script, and is the responsibility of the OS-specific maintainer. Postfix does not provide init/upstart/systemd/

Re: submission users still rejected by zen

2012-03-06 Thread Stan Hoeppner
On 3/6/2012 1:23 PM, /dev/rob0 wrote: > My two cents on that: when implementing postscreen, leave your > smtpd_*_restrictions alone. They were working before, so keep them in > reserve. For example, when under stress, it is possible that DNSBL > queries will not return before the 2-second timeo

Re: complex policy -- how best to implement in Postfix?

2012-03-06 Thread Ben Rosengart
On Tue, Mar 06, 2012 at 10:44:02AM -0500, Ben Rosengart wrote: > On Mon, Mar 05, 2012 at 08:05:54PM -0500, Wietse Venema wrote: > > > > You need to rewrite (sender and non-sender) addresses based on the sender? > > Just sender addresses. Lost interest, Wietse? :-) Am I going in the right direc

Re: [OT] Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Eray Aslan
On Tue, Mar 06, 2012 at 02:30:59PM -0500, Michael Orlitzky wrote: > either. Right now the problem is easy to understand: half of the time on > Gentoo, the startup "OK" is meaningless. Everyone knows this, and > figures out how to deal with it quickly: > > backup2 ~ # /etc/init.d/postfix stop >

Re: complex policy -- how best to implement in Postfix?

2012-03-06 Thread Wietse Venema
Ben Rosengart: > On Tue, Mar 06, 2012 at 10:44:02AM -0500, Ben Rosengart wrote: > > On Mon, Mar 05, 2012 at 08:05:54PM -0500, Wietse Venema wrote: > > > > > > You need to rewrite (sender and non-sender) addresses based on the sender? > > > > Just sender addresses. > > Lost interest, Wietse? :-)

Re: submission users still rejected by zen

2012-03-06 Thread /dev/rob0
On Tue, Mar 06, 2012 at 01:30:59PM -0600, Stan Hoeppner wrote: > On 3/6/2012 11:03 AM, Alex wrote: > > > --master.cf-- > > submission inet n - n - - smtpd > > -o smtpd_tls_security_level=encrypt > > -o smtpd_sasl_auth_enable=yes > > -o smtpd_client_restrictions=

Re: submission users still rejected by zen

2012-03-06 Thread Alex
Hi, >> I've just noticed I'm using reject_rbl_client and have postscreen >> using the RBLs as well. I'll remove the ones from the >> smtpd_client_restrictions, but could this possibly be causing mail to >> be rejected even when connecting via the submission port? > >> Any ideas greatly appreciated

Re: [OT] Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Wietse Venema
Eray Aslan: > On Tue, Mar 06, 2012 at 02:30:59PM -0500, Michael Orlitzky wrote: > > either. Right now the problem is easy to understand: half of the time on > > Gentoo, the startup "OK" is meaningless. Everyone knows this, and > > figures out how to deal with it quickly: > > > > backup2 ~ # /etc

Re: [OT] Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Eray Aslan
On Tue, Mar 06, 2012 at 04:01:47PM -0500, Wietse Venema wrote: > So you need a way for "postfix start" that returns status 0 if the > master(8) daemon initializes successfully, and non-zero otherwise. Correct. > I think this can be done by starting the master as a foreground > process. The foregr

Re: complex policy -- how best to implement in Postfix?

2012-03-06 Thread Ben Rosengart
On Tue, Mar 06, 2012 at 03:20:30PM -0500, Wietse Venema wrote: > Ben Rosengart: > > On Tue, Mar 06, 2012 at 10:44:02AM -0500, Ben Rosengart wrote: > > > On Mon, Mar 05, 2012 at 08:05:54PM -0500, Wietse Venema wrote: > > > > > > > > You need to rewrite (sender and non-sender) addresses based on the

Re: submission users still rejected by zen

2012-03-06 Thread Stan Hoeppner
On 3/6/2012 2:25 PM, /dev/rob0 wrote: > On Tue, Mar 06, 2012 at 01:30:59PM -0600, Stan Hoeppner wrote: >> On 3/6/2012 11:03 AM, Alex wrote: >> >>> --master.cf-- >>> submission inet n - n - - smtpd >>> -o smtpd_tls_security_level=encrypt >>> -o smtpd_sasl_auth_enabl

Re: submission users still rejected by zen

2012-03-06 Thread Stan Hoeppner
On 3/6/2012 2:46 PM, Alex wrote: >> On 2/23/2012 1:50 PM, Alex wrote: >> >>> I've removed the zen and psbl queries from smtpd and moved psbl to >>> postscreen. >> >> You claimed to have made this change a couple of weeks ago per my >> advice, and confirmed said change to Wietse. Did you change it

Re: submission users still rejected by zen

2012-03-06 Thread /dev/rob0
On Tue, Mar 06, 2012 at 04:44:26PM -0600, Stan Hoeppner wrote: > On 3/6/2012 2:25 PM, /dev/rob0 wrote: > > On Tue, Mar 06, 2012 at 01:30:59PM -0600, Stan Hoeppner wrote: > >> On 3/6/2012 11:03 AM, Alex wrote: > >> > >>> --master.cf-- > >>> submission inet n - n - - smt

changing return-path

2012-03-06 Thread Mike Zupan
I'm looking to change the return-path of email so all email coming out of our servers comes back to a common mailbox. My master.cf I have added filter unix - n n - - pipe flags=Rq user=filter argv=/etc/postfix/filter -f ${sender} -- ${recipient} My filter looks l

Re: changing return-path

2012-03-06 Thread /dev/rob0
On Tue, Mar 06, 2012 at 03:56:50PM -0800, Mike Zupan wrote: > I'm looking to change the return-path of email so all email > coming out of our servers comes back to a common mailbox. So that *bounces* go to a common mailbox? If this is for bulk mail, simply change the software that is sending the

Re: changing return-path

2012-03-06 Thread Wietse Venema
Mike Zupan: > I'm looking to change the return-path of email so all email coming out > of our servers comes back to a common mailbox. My master.cf I have > added As documented in the Internet mail RFCs, the return-path header is prepended upon final delivery. Editing the header in transit is poin

Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Eliezer Croitoru
On 06/03/2012 21:10, Wietse Venema wrote: Eray Aslan: On Tue, Mar 06, 2012 at 11:48:35AM -0500, Wietse Venema wrote: I think that making everyone wait would be another example of well-meaning people doing things that give Postfix a bad reputation. postfix start exits successfully but postfix

Re: [OT] Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Eliezer Croitoru
On 06/03/2012 21:30, Michael Orlitzky wrote: On 03/06/12 14:10, Wietse Venema wrote: Eray Aslan: On Tue, Mar 06, 2012 at 11:48:35AM -0500, Wietse Venema wrote: I think that making everyone wait would be another example of well-meaning people doing things that give Postfix a bad reputation. p

Re: [OT] Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Wietse Venema
Eliezer Croitoru: > I don't care about any init scripts on whatever else then when there is > this specific problem of mismatching binding an IP that doesn't exist to > be checked using the "postfix check" method on terminal and not only on log. Sorry, only the master daemon knows that it can't acc

Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Eliezer Croitoru
On 06/03/2012 14:17, Jerry wrote: On Tue, 06 Mar 2012 12:37:02 +0200 Eliezer Croitoru articulated: OS:Gentoo latest built with kernel 3.2.1 with hardened profile POSTFIX: v 2.9.1 when I'm configuring on master.cf some listening to port on IP address that doesn't exist on any interface such as f

PATCH: "postfix start" master initialization status

2012-03-06 Thread Wietse Venema
I have uploaded a feature patch that changes "postfix start" so that it returns after the master daemon has initialized. This works around a problem on some Linux systems. These don't use "postfix status" to find out if the mail system still runs. Instead they just make up something and claim that

Re: submission users still rejected by zen

2012-03-06 Thread Alex
Hi, >> My apologies; this is for a similar, but different system. It looks >> like I've made the same mistake on multiple systems. I'm very > > Ahh, ok, that would explain the discrepancy. > >> appreciative that you remembered my similar issue from weeks ago :-) > > After helping you with that, an

Re: submission users still rejected by zen

2012-03-06 Thread Alex
Hi, >> I've just noticed I'm using reject_rbl_client and have postscreen >> using the RBLs as well. I'll remove the ones from the >> smtpd_client_restrictions, but could this possibly be causing mail to >> be rejected even when connecting via the submission port? > > My two cents on that: when imp

Re: submission users still rejected by zen

2012-03-06 Thread Alex
Hi, --master.cf-- submission inet n       -       n       -       -       smtpd   -o smtpd_tls_security_level=encrypt   -o smtpd_sasl_auth_enable=yes   -o smtpd_client_restrictions=permit_sasl_authenticated,reject >>> >>>     -o smtpd_recipient_restrictions= >> >> This wil

Re: submission users still rejected by zen

2012-03-06 Thread Stan Hoeppner
On 3/6/2012 8:01 PM, Alex wrote: > I don't recall seeing an email from you with that information. Can I > ask you to resend, and I'll follow up with her? It was delivered to your Gmail mailbox yesterday: /var/log/mail.log:Mar 5 16:37:55 greer postfix/smtp[25300]: CB3636C052: to=, relay=gmail-sm

Re: postfix-users@postfix.org: difference between "verify" and "secure"

2012-03-06 Thread Viktor Dukhovni
On Tue, Mar 06, 2012 at 06:19:59PM +0100, Robert Dahlem wrote: > Default strategy for "verify": ask DNS about MX, then check if the > server's CN matches. Check if the trust chain is valid. Yes, though there is no promise of whether the name or the trust chain is checked first. Both need to be acc

Re: submission users still rejected by zen

2012-03-06 Thread Stan Hoeppner
On 3/6/2012 8:49 PM, Alex wrote: >>-o smtpd_recipient_restrictions=permit_mynetworks,reject > Isn't this effectively what I already have? I must be missing > differences somewhere? You're missing a recipient_restrictions override. Without one, your submission connections are subject to

Re: [OT] Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Eliezer Croitoru
On 07/03/2012 02:33, Wietse Venema wrote: Eliezer Croitoru: I don't care about any init scripts on whatever else then when there is this specific problem of mismatching binding an IP that doesn't exist to be checked using the "postfix check" method on terminal and not only on log. Sorry, only the

Re: [OT] Re: found a "bug" on postfix 2.9.1

2012-03-06 Thread Viktor Dukhovni
On Tue, Mar 06, 2012 at 04:01:47PM -0500, Wietse Venema wrote: > So you need a way for "postfix start" that returns status 0 if the > master(8) daemon initializes successfully, and non-zero otherwise. > > I think this can be done by starting the master as a foreground > process. The foreground ma