Configuration advices for a 50000 mailboxes server(s)

2012-04-17 Thread Frank Bonnet
Hello I need some feedbacks advices of experienced admins I will have to setup in few monthes an email system for approx 50K "intensives" users. The only mandatory thing will be I must use HP proliant servers The operating system will be FreeBSD or Linux Thank you for any advices

RE: Another issue with SMTPD AUTH

2012-04-17 Thread Franck MAHE
Yes, for sure I did. [root@fsrv02 log.d]# ll /usr/lib/sasl2/ total 52 -rwxr-xr-x 1 root root 957 2011-01-18 17:35 liblogin.la* lrwxrwxrwx 1 root root18 2012-04-12 11:21 liblogin.so -> liblogin.so.2.0.23* lrwxrwxrwx 1 root root18 2012-04-12 11:21 liblogin.so.2 -> liblogin.so.2.0.23* -rwx

RE: Another issue with SMTPD AUTH

2012-04-17 Thread Franck MAHE
Here it is [root@fsrv02 log.d]# ps auxw | grep sasl root 20425 0.0 0.0 34484 812 ?Ss 10:49 0:00 saslauthd -a shadow root 20426 0.0 0.0 34484 536 ?S10:49 0:00 saslauthd -a shadow root 20427 0.0 0.0 34484 520 ?S10:49 0:00 sasla

Re: Configuration advices for a 50000 mailboxes server(s)

2012-04-17 Thread snowie
You may try look up ZhangHuangbin, author of iredmail.org & dbmailadmin.org, a great postfix mail integrator. Nice guy. For your case, see dbmail.org, a fast scalable sql based mail services. Best regards. Snowie On Tuesday, April 17, 2012 03:54 PM, Frank Bonnet wrote: > Hello > > I need som

Re: Another issue with SMTPD AUTH

2012-04-17 Thread Patrick Ben Koetter
* Franck MAHE : > Yes, for sure I did. > > [root@fsrv02 log.d]# ll /usr/lib/sasl2/ your examples use /usr/lib64/... but you post /usr/lib/... Could it be your problem is wrong paths e.g. for the saslauthd socket? p@rick -- All technical questions asked privately will be automatically answere

RE: Another issue with SMTPD AUTH

2012-04-17 Thread Franck MAHE
You're right, [root@fsrv02 log.d]# ll /usr/lib64/sasl2/ total 0 :-( [root@fsrvpsg02 log.d]# rpm -qa | grep sasl2 lib64sasl2-2.1.23-1.1mdv2010.0 libsasl2-plug-plain-2.1.23-1.1mdv2010.0 libsasl2-plug-login-2.1.23-1.1mdv2010.0 libsasl2-2.1.23-1.1mdv2010.0 So I missed the point, I just installed th

postgrey outgoing mail whitelister

2012-04-17 Thread Claudius
Hi, as nobody seems to have a working solution I built a little Perl script that adds the IP of the server receiving outgoing mail to postgrey_clients.db It's still a little unfinished but working fine on my server. There's room for improvement though (IPv6 missing, rsyslog spawning and lastline

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Reindl Harald
Am 17.04.2012 11:48, schrieb Claudius: > Hi, > > as nobody seems to have a working solution I built a little Perl script > that adds the IP of the server receiving outgoing mail to > postgrey_clients.db > > It's still a little unfinished but working fine on my server. There's > room for improve

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Sam Jones
On Tue, 2012-04-17 at 11:50 +0200, Reindl Harald wrote: > > Am 17.04.2012 11:48, schrieb Claudius: > > Hi, > > > > as nobody seems to have a working solution I built a little Perl script > > that adds the IP of the server receiving outgoing mail to > > postgrey_clients.db > > > > It's still a li

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Robert Schetterer
Am 17.04.2012 11:50, schrieb Reindl Harald: > > > Am 17.04.2012 11:48, schrieb Claudius: >> Hi, >> >> as nobody seems to have a working solution I built a little Perl script >> that adds the IP of the server receiving outgoing mail to >> postgrey_clients.db >> >> It's still a little unfinished bu

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Reindl Harald
Am 17.04.2012 12:09, schrieb Robert Schetterer: > Am 17.04.2012 11:50, schrieb Reindl Harald: >> >> Am 17.04.2012 11:48, schrieb Claudius: >>> Hi, >>> >>> as nobody seems to have a working solution I built a little Perl script >>> that adds the IP of the server receiving outgoing mail to >>> post

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Henrik K
On Tue, Apr 17, 2012 at 12:12:53PM +0200, Reindl Harald wrote: > > > Am 17.04.2012 12:09, schrieb Robert Schetterer: > > Am 17.04.2012 11:50, schrieb Reindl Harald: > >> > >> Am 17.04.2012 11:48, schrieb Claudius: > >>> Hi, > >>> > >>> as nobody seems to have a working solution I built a little P

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Reindl Harald
Am 17.04.2012 12:38, schrieb Henrik K: > On Tue, Apr 17, 2012 at 12:12:53PM +0200, Reindl Harald wrote: >> how do you act with us as example? >> you are sending a message to me to MX "barracuda.thelounge.net" >> well, you whitelist "barracuda.thelounge.net" >> but you will never receive any messa

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Henrik K
On Tue, Apr 17, 2012 at 12:42:16PM +0200, Reindl Harald wrote: > > > Am 17.04.2012 12:38, schrieb Henrik K: > > On Tue, Apr 17, 2012 at 12:12:53PM +0200, Reindl Harald wrote: > >> how do you act with us as example? > >> you are sending a message to me to MX "barracuda.thelounge.net" > >> well, yo

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Reindl Harald
Am 17.04.2012 12:47, schrieb Henrik K: >> the majority has outgoing and incoming on the same IP? >> in which world are you living? > > Statistics speak for themselves. Come back with hard facts instead of > your FUD. are you really too stupid not use the term FUD as long you are not understand

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Claudius
On 2012-04-17 12:04, Sam Jones wrote: > And I would add that an inbound MX does not necessarily === the same > outbound server a domain would use. Typically anti-spam gateways or > hosted services used inbound on one IP, whereas outbound mail coming > from another IP and server. > > Just imagine

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Henrik K
On Tue, Apr 17, 2012 at 12:54:10PM +0200, Reindl Harald wrote: > > the hard facts are that EVERY site using a dedicated > spamfilter (own appliance or external service) have > different IP's for MX and outgoing mail So? Postpals also looks at whole /24 subnets and also can compare sender/recipien

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Claudius
On 2012-04-17 12:09, Robert Schetterer wrote: > > what about using > some tecs from here > http://mailfud.org/postpals/ > Thanks for the link, that's pretty much what I was looking for. Guess I'll have to improve my search engine skills ;) -- Claudius

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Reindl Harald
Am 17.04.2012 13:05, schrieb Henrik K: > Some people actually test theories before calling them nonsense. You > haven't made a single point why there would be "non-benefits" in running > postpals. maybe you should have read my replies? you are sending to the MX you are whitelisting the MX wond

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Henrik K
On Tue, Apr 17, 2012 at 11:04:43AM +0100, Sam Jones wrote: > Just imagine whitelisting a shared, spammy server because a domain is > hosted on it. Naturally it will probably come through greylisting in the > end anyway, but I'd not go out of my way to make it easy on them! It's fine to imagine man

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Reindl Harald
Am 17.04.2012 13:37, schrieb Henrik K: > On Tue, Apr 17, 2012 at 11:04:43AM +0100, Sam Jones wrote: >> Just imagine whitelisting a shared, spammy server because a domain is >> hosted on it. Naturally it will probably come through greylisting in the >> end anyway, but I'd not go out of my way to m

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Henrik K
On Tue, Apr 17, 2012 at 01:29:23PM +0200, Reindl Harald wrote: > > you are sending to the MX > you are whitelisting the MX > wonderful, the MX is mistly not the outgoing server > you are receiving a spam-message > your user has a autoreply > with bad luck you are whitelisting the spamming server

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Reindl Harald
Am 17.04.2012 13:43, schrieb Henrik > You do realize that the "whitelisting" should only apply to direct MTA > rbl/greylisting/ptr/etc rules? If that's your _only_ defence, then yes I > guess you should not use postpals. > >> if you think it makes sense for you do it >> but realize that others

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Reindl Harald
Am 17.04.2012 13:43, schrieb Henrik K: > Hopefully by now people realize that your "practical expierience" > is questionable. my practical expierience is managing some hundret domains with > 15.000 RCPT since years - so stop your idiotic personal attacks while nobody attacked you until you creep

Re: postgrey outgoing mail whitelister

2012-04-17 Thread lst_hoe02
Zitat von Reindl Harald : Am 17.04.2012 13:43, schrieb Henrik K: Hopefully by now people realize that your "practical expierience" is questionable. my practical expierience is managing some hundret domains with > 15.000 RCPT since years - so stop your idiotic personal attacks while nobody at

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Reindl Harald
Am 17.04.2012 14:00, schrieb Henrik K: > On Tue, Apr 17, 2012 at 01:53:50PM +0200, Reindl Harald wrote: >> >> >> Am 17.04.2012 13:43, schrieb Henrik K: >>> Hopefully by now people realize that your "practical expierience" >>> is questionable. >> >> my practical expierience is managing some hundre

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Henrik K
On Tue, Apr 17, 2012 at 02:06:34PM +0200, Reindl Harald wrote: > > > Am 17.04.2012 14:00, schrieb Henrik K: > > On Tue, Apr 17, 2012 at 01:53:50PM +0200, Reindl Harald wrote: > >> > >> > >> Am 17.04.2012 13:43, schrieb Henrik K: > >>> Hopefully by now people realize that your "practical expierien

How to extend smtpd_sender_restrictions to DISCARD mail for all recipients if just one matches in a hash table?

2012-04-17 Thread n756gkj
Hey! I finally installed a postfix mail server this past weekend. Pretty straightforward with the awesome docs! Well, once ya find it all ;-) In my config, I declared smtpd_sender_restrictions=check_recipient_access,hash:/etc/postfix/lists/traps with entries in "/etc/postfix/lists/traps",

Re: How to extend smtpd_sender_restrictions to DISCARD mail for all recipients if just one matches in a hash table?

2012-04-17 Thread Jeroen Geilman
On 2012-04-17 20:20, n756...@50mail.com wrote: Hey! I finally installed a postfix mail server this past weekend. Pretty straightforward with the awesome docs! Well, once ya find it all ;-) In my config, I declared smtpd_sender_restrictions=check_recipient_access,hash:/etc/postfix/lists/t

Re: How to extend smtpd_sender_restrictions to DISCARD mail for all recipients if just one matches in a hash table?

2012-04-17 Thread Noel Jones
On 4/17/2012 1:20 PM, n756...@50mail.com wrote: > Hey! > > I finally installed a postfix mail server this past weekend. Pretty > straightforward with the awesome docs! Well, once ya find it all ;-) > > In my config, I declared > > > smtpd_sender_restrictions=check_recipient_access,hash:/et

Re: postgrey outgoing mail whitelister

2012-04-17 Thread /dev/rob0
On Tue, Apr 17, 2012 at 12:55:05PM +0200, Claudius wrote: > On 2012-04-17 12:04, Sam Jones wrote: > > > And I would add that an inbound MX does not necessarily === the > > same outbound server a domain would use. Typically anti-spam > > gateways or hosted services used inbound on one IP, whereas

Re: How to extend smtpd_sender_restrictions to DISCARD mail for all recipients if just one matches in a hash table?

2012-04-17 Thread n756gkj
On Tue, Apr 17, 2012, at 02:25 PM, Noel Jones wrote: > The access(5) man page includes, in part: ... > So your claim is not supported by the documentation. > http://www.postfix.org/access.5.html > > If you wish to make a case that postfix does not behave as > documented, you'll need to provide cl

Re: How to extend smtpd_sender_restrictions to DISCARD mail for all recipients if just one matches in a hash table?

2012-04-17 Thread Brian Evans - Postfix List
On 4/17/2012 3:55 PM, n756...@50mail.com wrote: > > FROM: "n###@###.com" > TO: b...@domain.com, m...@domain.com > > For that message send, postfix logs on my end show: > > Apr 17 11:52:48 mail postfix/smtpd[23367]: connect from > smtp.myprovider.com[1.2.3.4] > Apr 17 11:52:48

Re: How to extend smtpd_sender_restrictions to DISCARD mail for all recipients if just one matches in a hash table?

2012-04-17 Thread Noel Jones
On 4/17/2012 2:55 PM, n756...@50mail.com wrote: > > > On Tue, Apr 17, 2012, at 02:25 PM, Noel Jones wrote: >> The access(5) man page includes, in part: > ... >> So your claim is not supported by the documentation. >> http://www.postfix.org/access.5.html >> >> If you wish to make a case that postf

Re: How to extend smtpd_sender_restrictions to DISCARD mail for all recipients if just one matches in a hash table?

2012-04-17 Thread n756gkj
Brian On Tue, Apr 17, 2012, at 04:09 PM, Brian Evans - Postfix List wrote: > > It looks to me like it's being handled as two separate transactions > > where one gets discarded and one passes through. > > This is a case of your "provider" trying to be "helpful" and splitting each > recipient into

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Patrick Domack
Quoting Henrik K : On Tue, Apr 17, 2012 at 11:04:43AM +0100, Sam Jones wrote: Just imagine whitelisting a shared, spammy server because a domain is hosted on it. Naturally it will probably come through greylisting in the end anyway, but I'd not go out of my way to make it easy on them! A shar

Re: How to extend smtpd_sender_restrictions to DISCARD mail for all recipients if just one matches in a hash table?

2012-04-17 Thread Wietse Venema
n756...@50mail.com: > Do you know if that kind of recipient-splitting is specifically > disallowed by any RFC? It is not forbidden, and it is in fact the basis of how qmail works. Wietse

Re: postgrey outgoing mail whitelister

2012-04-17 Thread Henrik K
On Tue, Apr 17, 2012 at 04:44:49PM -0400, Patrick Domack wrote: > > Why bother whitelisting any ip address? I have my system flag the > outgoing and incoming email address. Am I defensive or stupid for wondering what's the point of your question? Surely people whitelist all kinds of things with

Re: postgrey outgoing mail whitelister

2012-04-17 Thread /dev/rob0
On Wed, Apr 18, 2012 at 04:33:31AM +0300, Henrik K wrote: > Still, is it too much to ask for looking at > things from many angles or backing up claims with any kind of > statistics or science instead of personal gut feelings? Where/how would one collect such data? My mail stream differs from yo

Re: outgoing mail whitelister

2012-04-17 Thread Henrik K
On Tue, Apr 17, 2012 at 09:13:55PM -0500, /dev/rob0 wrote: > On Wed, Apr 18, 2012 at 04:33:31AM +0300, Henrik K wrote: > > Still, is it too much to ask for looking at > > things from many angles or backing up claims with any kind of > > statistics or science instead of personal gut feelings? > >