ldap help needed.

2014-06-17 Thread Marko Weber | ZBF
hello list, on debian 7.5 i installed postfix 2.9.6 with postfix-ldap package. in the main.cf: ... ldap_transport_result_filter = smtp:%s.24t.loc:25 virtual_mailbox_maps = ldap:ldap_users ## wichtig!! ldap:ldap_users muss hier mit aufgefuehrt werden, sonst werden alle Mails

Re: ldap help needed.

2014-06-17 Thread Wietse Venema
> [] Stopping Postfix Mail Transport Agent: postfix/usr/sbin/postconf: > warning: /etc/postfix/main.cf: unused parameter: > ldap_transport_result_filter=smtp:%s.24t.loc:25 Apparently, postconf 2.9-2.12 error checking for "legacy DBMS support" is incomplete. You will get correct result with t

Re: ldap help needed.

2014-06-17 Thread Wietse Venema
Wietse Venema: > > [] Stopping Postfix Mail Transport Agent: postfix/usr/sbin/postconf: > > warning: /etc/postfix/main.cf: unused parameter: > > ldap_transport_result_filter=smtp:%s.24t.loc:25 > > Apparently, postconf 2.9-2.12 error checking for "legacy DBMS > support" is incomplete. You wil

Re: ldap help needed.

2014-06-17 Thread Viktor Dukhovni
On Tue, Jun 17, 2014 at 09:11:15AM -0400, Wietse Venema wrote: > > [] Stopping Postfix Mail Transport Agent: postfix/usr/sbin/postconf: > > warning: /etc/postfix/main.cf: unused parameter: > > ldap_transport_result_filter=smtp:%s.24t.loc:25 > > Apparently, postconf 2.9-2.12 error checking f

Regarding smtpd_recipient_limit

2014-06-17 Thread Joy
Dear All, I want to restrict users to not send more than 5 recipient in TO/CC/BCC to external recipient so i have implemented one relay server to restrict the same. I configured my relay server with following line in main.cf smtpd_recipient_limit = 5 I reloaded the server but

Re: Regarding smtpd_recipient_limit

2014-06-17 Thread Noel Jones
On 6/17/2014 11:06 AM, Joy wrote: > Dear All, > I want to restrict users to not send more than 5 > recipient in TO/CC/BCC to external recipient so i have implemented > one relay server to restrict the same. I configured my relay server > with following line in main.cf

Re: SMTP starttls / DANE TLS

2014-06-17 Thread Per Thorsheim
Den 16.06.2014 17:18, skrev Viktor Dukhovni: > On Mon, Jun 16, 2014 at 10:12:03AM +0200, Per Thorsheim wrote: > >> https://datatracker.ietf.org/doc/draft-ietf-dane-smtp-with-dane/ >> "In WG Last Call" >> >> Any estimate on when this might become final Viktor? > With any luck, around July IETF. The

Re: SMTP starttls / DANE TLS

2014-06-17 Thread Viktor Dukhovni
On Tue, Jun 17, 2014 at 08:39:38PM +0200, Per Thorsheim wrote: > Sounds good, look forward to see it finalised. Blogged this today: > https://starttls.info/blog/from-zero-to-hero-in-no-time/ > > ACLU, EFF and many others are now actively promoting starttls > deployment, as you may have seen from

Re: SMTP starttls / DANE TLS

2014-06-17 Thread Per Thorsheim
Den 17.06.2014 20:59, skrev Viktor Dukhovni: > Thanks for fighting the good fight. In the mean-time, any chance > you could stop fix the misleading TLS support scores starttls.info > issues to soundly configured MTAs? > > * For SMTP, self-signed certificates are as good as CA issued > ce

Re: SMTP starttls / DANE TLS

2014-06-17 Thread Viktor Dukhovni
On Tue, Jun 17, 2014 at 09:09:31PM +0200, Per Thorsheim wrote: > Den 17.06.2014 20:59, skrev Viktor Dukhovni: > > > Thanks for fighting the good fight. In the mean-time, any chance > > you could stop fix the misleading TLS support scores starttls.info > > issues to soundly configured MTAs? > > I

smtpd access checks without checking virtual_alias_maps - howto ?

2014-06-17 Thread uffe
Hi, I'm trying to configure postfix to perform smtpd access checks - specifically recipient check/restrictions - but without having it consult its virtual_alias_maps. I'm heavily depending on catchall constructions in virtual_aliases for further "virtual routing" The catchall constructs in my vi

Re: smtpd access checks without checking virtual_alias_maps - howto ?

2014-06-17 Thread Noel Jones
On 6/17/2014 3:48 PM, uffe wrote: > Hi, > > I'm trying to configure postfix to perform smtpd access checks - > specifically recipient check/restrictions - but without having it consult > its virtual_alias_maps. > > I'm heavily depending on catchall constructions in virtual_aliases for > further "

Re: smtpd access checks without checking virtual_alias_maps - howto ?

2014-06-17 Thread Viktor Dukhovni
On Tue, Jun 17, 2014 at 01:48:49PM -0700, uffe wrote: > I'm trying to configure postfix to perform smtpd access checks - > specifically recipient check/restrictions - but without having it consult > its virtual_alias_maps. Sorry, that's not possible. The SMTP server will use whatever virtual(5)

Re: smtpd access checks without checking virtual_alias_maps - howto ?

2014-06-17 Thread Uffe Jakobsen
On 2014-06-17 23:18, Noel Jones wrote: On 6/17/2014 3:48 PM, uffe wrote: Hi, I'm trying to configure postfix to perform smtpd access checks - specifically recipient check/restrictions - but without having it consult its virtual_alias_maps. I'm heavily depending on catchall constructions in v

Re: smtpd access checks without checking virtual_alias_maps - howto ?

2014-06-17 Thread Uffe Jakobsen
On 2014-06-17 23:21, Viktor Dukhovni wrote: On Tue, Jun 17, 2014 at 01:48:49PM -0700, uffe wrote: I'm trying to configure postfix to perform smtpd access checks - specifically recipient check/restrictions - but without having it consult its virtual_alias_maps. Sorry, that's not possible. T

Re: smtpd access checks without checking virtual_alias_maps - howto ?

2014-06-17 Thread Viktor Dukhovni
On Wed, Jun 18, 2014 at 12:00:03AM +0200, Uffe Jakobsen wrote: > >Sorry, that's not possible. The SMTP server will use whatever > >virtual(5) aliases it is configured with to validate input recipients. > > damn, qmail could do this stuff out-of-the-box. > > To me it would make sense to have vir

Re: smtpd access checks without checking virtual_alias_maps - howto ?

2014-06-17 Thread Uffe Jakobsen
On 2014-06-18 00:08, Viktor Dukhovni wrote: On Wed, Jun 18, 2014 at 12:00:03AM +0200, Uffe Jakobsen wrote: Can anyone come up with a way (configurtion) for smtpd to check for valid recipients in a map - and keep it away from looking into virtual_alias_maps while performing recipient validatio

Multiple Targets on transport map

2014-06-17 Thread Joey J
We have 2 gateway servers in multiple locations so that we have redundancy and of course corresponding mx records pointing to both. This handles if GW1 fails, go to GW2 Now once at a GW the transport map handles the routing of the messages for domain.com as shown: domain.com smtp

Re: Multiple Targets on transport map

2014-06-17 Thread Noel Jones
On 6/17/2014 8:30 PM, Joey J wrote: > We have 2 gateway servers in multiple locations so that we have > redundancy and of course corresponding mx records pointing to both. > This handles if GW1 fails, go to GW2 > > Now once at a GW the transport map handles the routing of the > messages for domain

Re: Multiple Targets on transport map

2014-06-17 Thread Jose Borges Ferreira
On Wed, Jun 18, 2014 at 2:30 AM, Joey J wrote: > We have 2 gateway servers in multiple locations so that we have redundancy > and of course corresponding mx records pointing to both. > This handles if GW1 fails, go to GW2 > > Now once at a GW the transport map handles the routing of the messages f