Re: STARTTLS and mailservers who choke on it

* Per Jessen : > I'm wondering how others handle this. We offer TLS for all inbound > traffic, which works fine 99% of the time. Every other day though I > notice one or two mailservers who simply cannot cope with it. They try, > but they keep getting a timeout. Something is clearly not working

Re: STARTTLS and mailservers who choke on it

Am 29.03.2012 09:35, schrieb Ralf Hildebrandt: > * Per Jessen : >> I'm wondering how others handle this. We offer TLS for all inbound >> traffic, which works fine 99% of the time. Every other day though I >> notice one or two mailservers who simply cannot cope with it. They try, >> but they keep

First post, first question

Hi, This is my first post on this list, I'm a french sys/admin using postfix now from more tyhan 10 years ago, but always with small traffic and end-user needs. I'm working at pilotsystems.net a small french free software service company. We have a mailing solution called http://cockpit-maili

Encrypt attachments

Hi! For a customer i have to implement "on the fly" encryption for attachments. Means: 1) Send Mail to Customer - Postfix receive email by smtp from local sender - Check if Recipient is in DB. If not => Forward message by smtp to customer - If customer is in DB, detach Attachm

Re: LoadShared Failover

Hi List, I have now looked all over the web to try and find best possible solution for me... (redundant loadshared sending-only mailgw)... this is currently what I think of doing...: 1. Setup 2 postfix servers in 2 physical different location with same configuration (handles by our HostConfigurati

Re: FW: Postfix delivery to openldap users

On 29/3/2012 9:03 πμ, Priscilla V wrote: Postmap -q ldap:/etc/postfix/ldap.cf Is not giving any output. It returns silently. Have you changed: query_filter = (mail=%s) to: query_filter = (mail=%u) as was suggested (if you are still using alias_maps)? Ref: http://www.postfix.org/ld

postfix REGEX bug ???

I'm using postfix (2.7.0 on Ubuntu Linux 10.04.3) as mail relay and antispam filter. It's set up and works perfectly except one small bug. I use smtpd_client_restrictions to filter SMTP clents as following: smtpd_client_restrictions = permit_mynetworks, reject_unknown_client_ho

Re: postfix REGEX bug ???

* Женя : > I'm using postfix (2.7.0 on Ubuntu Linux 10.04.3) as mail relay and antispam > filter. It's set up and works perfectly except one small bug. > I use smtpd_client_restrictions to filter SMTP clents as following: > > smtpd_client_restrictions = >permit_mynetworks, >r

Re: Encrypt attachments

Zitat von Kai Szymanski : Hi! For a customer i have to implement "on the fly" encryption for attachments. Means: 1) Send Mail to Customer - Postfix receive email by smtp from local sender - Check if Recipient is in DB. If not => Forward message by smtp to customer - If cus

Re: Enabled SMTP AUTH but mails from external networks still being rejected

Am 29.03.2012 12:08, schrieb Phill Edwards: > > Am 28.03.2012 15:31, schrieb Phill Edwards: > > I have had a Postfix SMTP server on my LAN for a long time and it works > really well for delivering my email via > > relayhost = smtp.example.com >

Re: postfix REGEX bug ???

On 29/03/12 10:51, Женя wrote: > I'm using postfix (2.7.0 on Ubuntu Linux 10.04.3) as mail relay and > antispam filter. It's set up and works perfectly except one small > bug. I use smtpd_client_restrictions to filter SMTP clents as > following: > > smtpd_client_restrictions = permit_mynetworks,

Re: postfix REGEX bug ???

: > /google\.com/ OK > /mail\.ru/ OK You mean: /^google\.com$/ /^mail\.ru$/ RTFM! Wietse

Re: Enabled SMTP AUTH but mails from external networks still being rejected

> > > I have now set up SMTP AUTH and it's working when sening emails from PCs > on > > my LAN. But when I send emails from outside (eg from my mobile phone) I > get > > these errors: > > Hopefully it's as simple as fixing the smtpd restrictions: > > > smtpd_client_restrictions = permit_mynetworks,

Re: LoadShared Failover

Michael Maymann: > ; zone file fragment > IN MX 10 mail.example.com > . > > mailIN A 10.10.10.100 > IN A 10.10.20.100 > > 3. Clients will use mail.example.com as server. > > Only problem I see now is when one of the postfix servers dies. Clients > will st

RE: FW: Postfix delivery to openldap users

Even after changing it to %u the postmap command is not returning any value. Regards Priscilla -Original Message- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Nikolaos Milas Sent: Thursday, March 29, 2012 1:47 PM To: 'Postfix users' Subject:

Re: Encrypt attachments

Hi Andreas, That's why e-mail encryption (S/MIME, PGP) was invented for. Why reinvent the wheel? You are right...and not ;) Problem: If we use for example gpg rhe !other side! also have to use gpg and needs to have a key infrastructure implemented. Most of the "customer customers" don't hav

Re: FW: Postfix delivery to openldap users

On 29/3/2012 2:13 μμ, Priscilla V wrote: Even after changing it to %u the postmap command is not returning any value. You could run: postmap -vvv -q ldapuser ldap:/etc/postfix/ldap.cf and try to see where is the problem. Also, try to run a simple ldapsearch on the same machine with the s

Re: Enabled SMTP AUTH but mails from external networks still being rejected

if "permit_sasl_authenticated" is before restricitions the client can always > authenticate, this is how the tings are working > Thaks for the info. > > > P.S.: please do not reply offlist! > Yes, I noticed that. I didn't mean to, but I find with this particular mailing list when I click reply

Re: First post, first question

On Mar 29, 2012, at 3:43 AM, Rodolphe Quiedeville wrote: > Hi, > > This is my first post on this list, I'm a french sys/admin using postfix now > from more tyhan 10 years ago, but always with small traffic and end-user > needs. I'm working at pilotsystems.net a small french free software servi

Re: First post, first question

Hi Redolphe, I have emailing company in eastern-europe, I personaly like and use the scenario where there is one 'main' postfix, which is configured to relay mails to one address: balance.domain.com, where the balance.domain.com is an bind9 records with 0 ttl which resolv on 20 postfixes

Re: First post, first question

Stoyan Stoyanov a écrit on 29/03/12 14:04: Hi Redolphe, I have emailing company in eastern-europe, I personaly like and use the scenario where there is one 'main' postfix, which is configured to relay mails to one address: balance.domain.com, where the balance.domain.com is an bind9 records with

Re: Enabled SMTP AUTH but mails from external networks still being rejected

On 3/29/2012 6:56 AM, Phill Edwards wrote: > > > smtpd_recipient_restrictions = permit_sasl_authenticated, > > permit_mynetworks, check_relay_domains > > You'll want a reject_unauth_destination after these. > > > Sorry but I don't have any idea what that means. Could you please > explai

RE: LoadShared Failover

From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Michael Maymann Sent: Thursday, March 29, 2012 4:01 AM To: postfix-users@postfix.org Subject: Re: LoadShared Failover Hi List, Only problem I see now is when one of the postfix servers dies. Clients wi

Re: postfix REGEX bug ???

That's it. Ashamed. Tricky REGEX. Thanks everyone. And thank you for great mail server. > : > > /google\.com/ OK > > /mail\.ru/ OK > > You mean: > > /^google\.com$/ > /^mail\.ru$/ > > RTFM! > > Wietse > >

Re: defer mail for unknown recipients for one domain only

On Wed, Mar 28, 2012 at 12:26:47AM -0500, I wrote: > On Tue, Mar 27, 2012 at 09:43:27PM -0400, Wietse Venema wrote: > > Wietse Venema: > > > /dev/rob0: > > > > On Tue, Mar 27, 2012 at 04:10:59PM -0500, I wrote: > > > > > On Tue, Mar 27, 2012 at 10:21:14PM +0200, Sebastian > > > > > Wiesinger wrote

OT-follow up - postfix REGEX bug ???

Could somebody recommend a "good" tutorial on REGEX and/or PRCE? John A On 29/03/2012 11:35 AM, Женя wrote: That's it. Ashamed. Tricky REGEX. Thanks everyone. And thank you for great mail server. : /google\.com/ OK /mail\.ru/ OK You mean: /^google\.com$/ /^mail\.

Re: OT-follow up - postfix REGEX bug ???

http://rubular.com/ a good place to test and learn... On Mar 29, 2012, at 5:42 PM, john wrote: > Could somebody recommend a "good" tutorial on REGEX and/or PRCE? > John A > > On 29/03/2012 11:35 AM, Женя wrote: >> That's it. Ashamed. >> Tricky REGEX. Thanks everyone. And thank you for great m

Re: defer mail for unknown recipients for one domain only

On Thu, Mar 29, 2012 at 11:44:00AM -0500, I wrote: > I have reviewed this with more lucidity and alertness, but I have > not found any mistake. It seems that the built-in rejection of > unknown users is bound only by the global soft_bounce and these > per-class settings, to wit: > > unknown_loc

Re: postfix REGEX bug ???

On 3/29/2012 5:48 AM, Wietse Venema wrote: > You mean: > > /^google\.com$/ > /^mail\.ru$/ The expression must also match subdomains. /[^.]google\.com$/ /[^.]mail\.ru$/ pesky regexps... always causing trouble. -- Noel Jones

Linux.3 in makedefs & Ubuntu12

I'm testing the ubuntu12 64-bit beta, and had to make the following change to makedefs under the Linux.3 category. Just FYI: --- postfix-2.9.1.2z/makedefs.orig 2012-01-17 17:19:48.0 -0800 +++ postfix-2.9.1.2z/makedefs 2012-03-28 16:43:26.154076634 -0700 @@ -367,7 +373,7 @@

Re: Linux.3 in makedefs & Ubuntu12

Quanah Gibson-Mount wrote: >I'm testing the ubuntu12 64-bit beta, and had to make the following >change >to makedefs under the Linux.3 category. Just FYI: > >--- postfix-2.9.1.2z/makedefs.orig 2012-01-17 17:19:48.0 >-0800 >+++ postfix-2.9.1.2z/makedefs 2012-03-28 16:43:26.15407

smtpd_reject_footer: possible improvement

Hi i really love "smtpd_reject_footer" to put contact informations and a hint that SMTP auth is needed in the response would it not make sense to add the content of "smtpd_reject_footer" to the default-answer instead in a seperated line which can be easily achieved by put \n at the begin i notic

Re: postfix REGEX bug ???

Noel Jones: > On 3/29/2012 5:48 AM, Wietse Venema wrote: > > You mean: > > > > /^google\.com$/ > > /^mail\.ru$/ > > The expression must also match subdomains. > > /[^.]google\.com$/ > /[^.]mail\.ru$/ To match zero or more labels before the domain name: /^([^.]+\.)*google\.com$/

Re: smtpd_reject_footer: possible improvement

Reindl Harald: > > i really love "smtpd_reject_footer" to put contact informations > and a hint that SMTP auth is needed in the response > > would it not make sense to add the content of "smtpd_reject_footer" > to the default-answer instead in a seperated line which can be > easily achieved by pu

Re: Linux.3 in makedefs & Ubuntu12

Quanah Gibson-Mount: > I'm testing the ubuntu12 64-bit beta, and had to make the following change > to makedefs under the Linux.3 category. Just FYI: > > --- postfix-2.9.1.2z/makedefs.orig 2012-01-17 17:19:48.0 -0800 > +++ postfix-2.9.1.2z/makedefs 2012-03-28 16:43:26.154076634 -0

Re: smtpd_reject_footer: possible improvement

Am 29.03.2012 20:18, schrieb Wietse Venema: > Reindl Harald: >> >> i really love "smtpd_reject_footer" to put contact informations >> and a hint that SMTP auth is needed in the response >> >> would it not make sense to add the content of "smtpd_reject_footer" >> to the default-answer instead in a

Re: smtpd_reject_footer: possible improvement

Reindl Harald: > >> i really love "smtpd_reject_footer" to put contact informations > >> and a hint that SMTP auth is needed in the response > >> > >> would it not make sense to add the content of "smtpd_reject_footer" > >> to the default-answer instead in a seperated line which can be > >> easily

Re: Linux.3 in makedefs & Ubuntu12

On 29.03.2012 22:23, Wietse Venema wrote: [] > Perhaps you can suggest a way for makedefs to parse out the CPU > type from "uname -whatever" and use that in the library search? This isn't about uname. Uname may return one thing, yet postfix may be building for entirely another -- that's the main

Re: Linux.3 in makedefs & Ubuntu12

--On Thursday, March 29, 2012 10:56 PM +0400 Michael Tokarev wrote: Besides, gcc --print-search-dirs (as already used in makedefs) includes all necessary multiarch directories already. So I'm not really sure why the OP have this problem to start with. Here's the content of SEARCHDIRS variabl

Re: Linux.3 in makedefs & Ubuntu12

On Thu, 29 Mar 2012 12:10:26 -0700 Quanah Gibson-Mount wrote: > --On Thursday, March 29, 2012 10:56 PM +0400 Michael Tokarev > wrote: > > > Besides, gcc --print-search-dirs (as already used in makedefs) > > includes all necessary multiarch directories already. So > > I'm not really sure why t

Re: Linux.3 in makedefs & Ubuntu12

On 29.03.2012 23:10, Quanah Gibson-Mount wrote: > --On Thursday, March 29, 2012 10:56 PM +0400 Michael Tokarev > wrote: > >> Besides, gcc --print-search-dirs (as already used in makedefs) >> includes all necessary multiarch directories already. So >> I'm not really sure why the OP have this pro

Re: Linux.3 in makedefs & Ubuntu12

Michael Tokarev: [ Charset ISO-8859-1 unsupported, converting... ] > On 29.03.2012 22:23, Wietse Venema wrote: > [] > > Perhaps you can suggest a way for makedefs to parse out the CPU > > type from "uname -whatever" and use that in the library search? > > This isn't about uname. Uname may return

Re: Linux.3 in makedefs & Ubuntu12

On 29.03.2012 23:23, John Peach wrote: > My Ubuntu Precise box has the following in in /etc/ld.so.conf which > will pick up those directories: You can install libraries for other architectures - sparc, mipsel, etc - and the corresponding dirs will be added to the list. Yes even if you're on x86,

Re: Linux.3 in makedefs & Ubuntu12

Michael Tokarev: > SEARCHDIRS=$(${CC-gcc} -print-search-dirs 2>/dev/null | > sed -n '/^libraries: =/s/libraries: =//p' | > sed -e 's/:/\n/g' | xargs -n1 readlink -f | > grep -v 'gcc\|/[0-9.]\+$' | sort -u) >

Re: postfix REGEX bug ???

On 3/29/2012 1:15 PM, Wietse Venema wrote: > Noel Jones: >> On 3/29/2012 5:48 AM, Wietse Venema wrote: >>> You mean: >>> >>> /^google\.com$/ >>> /^mail\.ru$/ >> >> The expression must also match subdomains. >> >> /[^.]google\.com$/ >> /[^.]mail\.ru$/ > > To match zero or more labels before

Re: Linux.3 in makedefs & Ubuntu12

On 29.03.2012 23:32, Wietse Venema wrote: > Michael Tokarev: >> SEARCHDIRS=$(${CC-gcc} -print-search-dirs 2>/dev/null | >> sed -n '/^libraries: =/s/libraries: =//p' | >> sed -e 's/:/\n/g' | xargs -n1 readlink -f | >>

Re: Linux.3 in makedefs & Ubuntu12

On 29.03.2012 23:29, Wietse Venema wrote: > Michael Tokarev: >> On 29.03.2012 22:23, Wietse Venema wrote: >> [] >>> Perhaps you can suggest a way for makedefs to parse out the CPU >>> type from "uname -whatever" and use that in the library search? >> >> This isn't about uname. Uname may return one

Re: smtpd_reject_footer: possible improvement

* Reindl Harald : > Hi > > i really love "smtpd_reject_footer" to put contact informations > and a hint that SMTP auth is needed in the response > > would it not make sense to add the content of "smtpd_reject_footer" > to the default-answer instead in a seperated line which can be > easily achiev

Re: smtpd_reject_footer: possible improvement

Ralf Hildebrandt: > * Reindl Harald : > > Hi > > > > i really love "smtpd_reject_footer" to put contact informations > > and a hint that SMTP auth is needed in the response > > > > would it not make sense to add the content of "smtpd_reject_footer" > > to the default-answer instead in a seperated

Debugging the transport table

(version 2.7.0; postconf -n upon request). I'm having trouble using the transport table with a non-default server port. Specifically, I have sh...@ziskind.us:[pizza.ziskind.us]:2525 me...@crownkosher.net :[pizza.ziskind.us]:2525 the last being newly added. Results: Mar 25 08:02:11 c

Re: Debugging the transport table

On Thu, Mar 29, 2012 at 05:49:20PM -0400, N. Yaakov Ziskind wrote: > X-Mailer: Outlook stinks. Dump Outlook. :) > (version 2.7.0; postconf -n upon request). I'm having trouble > using the transport table with a non-default server port. > Specifically, I have > > sh...@ziskind.us:[pizza.

Re: smtpd_reject_footer: possible improvement

Am 29.03.2012 22:42, schrieb Wietse Venema: > Ralf Hildebrandt: >> * Reindl Harald : >>> would it not make sense to add the content of "smtpd_reject_footer" >>> to the default-answer instead in a seperated line which can be >>> easily achieved by put \n at the begin >>> >>> i noticed that some sof

Re: smtpd_reject_footer: possible improvement

Wietse Venema: > Ralf Hildebrandt: > > * Reindl Harald : > > > Hi > > > > > > i really love "smtpd_reject_footer" to put contact informations > > > and a hint that SMTP auth is needed in the response > > > > > > would it not make sense to add the content of "smtpd_reject_footer" > > > to the defa

Re: smtpd_reject_footer: possible improvement

Am 30.03.2012 00:51, schrieb Wietse Venema: i noticed that some software out there seems to handle it wrong and display ONLY the reject footer at all or whatever is the last response line >>> >>> Indeed. I received several error messages that had the >>> smtpd_reject_footer reduced

Re: Debugging the transport table

On 3/29/2012 4:49 PM, N. Yaakov Ziskind wrote: > (version 2.7.0; postconf -n upon request). I'm having trouble using the > transport table with a non-default server port. Specifically, I have > ... > me...@crownkosher.net :[pizza.ziskind.us]:2525 .NET ... > but > Mar 29 17:39:28 chocolate p

Re: Debugging the transport table

/dev/rob0 wrote (on Thu, Mar 29, 2012 at 05:14:04PM -0500): > On Thu, Mar 29, 2012 at 05:49:20PM -0400, N. Yaakov Ziskind wrote: > > > (version 2.7.0; postconf -n upon request). I'm having trouble > > using the transport table with a non-default server port. > > Specifically, I have > > > > sh..

Re: Debugging the transport table

Noel Jones wrote (on Thu, Mar 29, 2012 at 06:39:34PM -0500): > On 3/29/2012 4:49 PM, N. Yaakov Ziskind wrote: > > (version 2.7.0; postconf -n upon request). I'm having trouble using the > > transport table with a non-default server port. Specifically, I have > > > ... > > me...@crownkosher.net :

Re: smtpd_reject_footer: possible improvement

On 3/29/2012 5:51 PM, Wietse Venema wrote: > Wietse Venema: >> Ralf Hildebrandt: >>> * Reindl Harald : Hi i really love "smtpd_reject_footer" to put contact informations and a hint that SMTP auth is needed in the response would it not make sense to add the content of "

Re: smtpd_reject_footer: possible improvement

On Thu, 2012-03-29 at 18:51:49 -0400, Wietse Venema wrote: > ... > > That is clear. However, smtpd_reject_footer is part of the stable > > release, so it cannot be changed. > > > > Hence, my request for suggestions how we would document this. Maybe > > we can use a name similar, but not identica

RE: FW: Postfix delivery to openldap users

It searches for mail=prisci...@domain.com and mail=Priscilla. With the present ldap.cf it returns the username only for mail=prisci...@domain.com and does not return anything for mail=Priscilla. This is the reason for the error "User unknown in local recipient table". The following is the ldap log