Re: unused parameter: mx_access=hash:/etc/postfix/mx_access

Am 31.01.2015 um 05:49 schrieb Joey J: I'm getting the following when I start postfix ( literally that many times) /usr/sbin/postconf: warning: /etc/postfix/main.cf : unused parameter: mx_access=hash:/etc/postfix/mx_access Here is a section of my configuration, I cant' seem to

postqueue -f vs postqueue -i: deferred to active vs deferred to incoming

Hello stress tests indicate that Postfix 2.8.8 behaves differently when using "postqueue -i" compared to "postqueue -f" when it comes to handling deferred e-mail. When using "postqueue -i" in a loop, deferred e-mail goes through the incoming queue before going through the active queue. When usin

Re: postqueue -f vs postqueue -i: deferred to active vs deferred to incoming

Andrew Bourgeois: > Hello > > stress tests indicate that Postfix 2.8.8 behaves differently when using > "postqueue -i" compared to "postqueue -f" when it comes to handling > deferred e-mail. As documented, "postqueue -i" pushes one message to the incoming queue, while "postqueue -f" triggers deli

Re: postqueue -f vs postqueue -i: deferred to active vs deferred to incoming

On Sat, Jan 31, 2015 at 3:37 PM, Wietse Venema wrote: > Andrew Bourgeois: > > Hello > > > > stress tests indicate that Postfix 2.8.8 behaves differently when using > > "postqueue -i" compared to "postqueue -f" when it comes to handling > > deferred e-mail. > > As documented, "postqueue -i" pushes

Re: postqueue -f vs postqueue -i: deferred to active vs deferred to incoming

On Sat, Jan 31, 2015 at 06:11:20PM +0100, Andrew Bourgeois wrote: > > > My question is: why is that? > > > > Because of the difference: one message, instead of all. > > So it's done because of performance reasons? No, for protocol reasons. The external queue manager protocol by which pickup, cle

Re: unused parameter: mx_access=hash:/etc/postfix/mx_access

OK, I understand, it looks like we have the additional line which is wrong... must have pasted it in by accident, the correct line is the one below which is check_recipient_access hash:/etc/postfix/mx_access Thank you! On Sat, Jan 31, 2015 at 7:09 AM, li...@rhsoft.net wrote: > > Am 31.01.2015 u

Re: postqueue -f vs postqueue -i: deferred to active vs deferred to incoming

Andrew Bourgeois: > > As documented, "postqueue -i" pushes one message to the incoming > > queue, while "postqueue -f" triggers delivery of all deferred mail. > > It's not clearly stated in the man pages of postqueue and flush. But since -i queue_id Schedule immediate delivery of deferred

on rcpt, error "cannot get RSA certificate from file "/etc/ssl/mail/myserver.crt": disabling TLS support"

​​ I've built & set up Postfix 2.11.3 on Ubuntu 64. Been reading up on list and decided to set up TLS AUTH using ccerts. 1st step, I created and installed self-singed certs & added these smtpd_tls_* to config -o smtpd_use_tls=yes -o smtpd_tls_security_level=may -o smtpd_tls_CApath=/e

Re: on rcpt, error "cannot get RSA certificate from file "/etc/ssl/mail/myserver.crt": disabling TLS support"

Dmt Ops: > Jan 31 12:37:54 mail postfix/smtpd[8337]: warning: TLS library problem: > error:...::fopen:No such file or directory:... http://www.postfix.org/DEBUG_README.html#no_chroot Wietse

Re: on rcpt, error "cannot get RSA certificate from file "/etc/ssl/mail/myserver.crt": disabling TLS support"

Deron ​Just a post typo, sorry. The names match. ​ Wietse chroot isn't enabled here.

Re: on rcpt, error "cannot get RSA certificate from file "/etc/ssl/mail/myserver.crt": disabling TLS support"

Dmt Ops: > chroot isn't enabled here. Prove it. Show evidence. Wietse

Re: on rcpt, error "cannot get RSA certificate from file "/etc/ssl/mail/myserver.crt": disabling TLS support"

Wietse $ grep " y " /etc/postfix/master.cf $

Re: on rcpt, error "cannot get RSA certificate from file "/etc/ssl/mail/myserver.crt": disabling TLS support"

On Sat, Jan 31, 2015 at 01:44:41PM -0800, Dmt Ops wrote: > 1st step, I created and installed self-signed certs & added these > smtpd_tls_* to config > > -o smtpd_use_tls=yes > -o smtpd_tls_security_level=may > -o smtpd_tls_CApath=/etc/ssl/certs > -o smtpd_tls_cert_file="/etc/ssl/m

Re: on rcpt, error "cannot get RSA certificate from file "/etc/ssl/mail/myserver.crt": disabling TLS support"

Dmt Ops: > Wietse > > $ grep " y " /etc/postfix/master.cf That proves NOTHING. You must follow instructions in http://www.postfix.org/DEBUG_README.html#no_chroot otherwise I cannot help you. Wietse

hostname does not resolve

What should I do about these warnings? Is there any reason not to reject the IPs in question? And if not, how do I do so? mail_version = 2.11.3 warning hostname 102-253-144-216.static.reverse.lstn.net does not resolve to address 216.144.253.102 hostname nor servname provided, or not known warnin

TLS Library Problem

Since I am not seeing a load of these, I am assuming this is indicating the error is on the other end? TLS library problem: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate:s3_pkt.c:1293:SSL alert number 42: -- 'There has to be enough light,' he panted, 'to see the dark

Re: on rcpt, error "cannot get RSA certificate from file "/etc/ssl/mail/myserver.crt": disabling TLS support"

Viktor It's the quotes. Removed. Works. Thanks. ​Wietse ​It's a copy of the default master.cf. chroot is not turned on for any processes. chroot is explicitly turned off for all processes, chroot was clearly not the problem anyway.

Re: Am I backscattering?

LuKreme: > Jan 26 14:49:53 mail postfix/pipe[44273]: E64DA50D3A1: > to=, orig_to=, relay=dovecot, > delay=0.13, delays=0.1/0.01/0/0.03, dsn=5.1.1, status=bounced (user unknown) That will produce backscatter. Why did you accept an unknown recipient? Wietse

Re: TLS Library Problem

On Sat, Jan 31, 2015 at 03:34:35PM -0700, LuKreme wrote: > Since I am not seeing a load of these, I am assuming this is indicating the > error is on the other end? > > TLS library problem: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert > bad certificate:s3_pkt.c:1293:SSL alert number 4

Re: Am I backscattering?

> On Jan 31, 2015, at 4:23 PM, Wietse Venema wrote: > > LuKreme: >> Jan 26 14:49:53 mail postfix/pipe[44273]: E64DA50D3A1: >> to=, orig_to=, relay=dovecot, >> delay=0.13, delays=0.1/0.01/0/0.03, dsn=5.1.1, status=bounced (user unknown) > > That will produce backscatter. Why did you accept an

Re: Am I backscattering?

> On Jan 31, 2015, at 4:55 PM, LuKreme wrote: > > >> On Jan 31, 2015, at 4:23 PM, Wietse Venema wrote: >> >> LuKreme: >>> Jan 26 14:49:53 mail postfix/pipe[44273]: E64DA50D3A1: >>> to=, orig_to=, relay=dovecot, >>> delay=0.13, delays=0.1/0.01/0/0.03, dsn=5.1.1, status=bounced (user unknown)

Re: TLS Library Problem

On Jan 31, 2015, at 4:28 PM, Viktor Dukhovni wrote: > On Sat, Jan 31, 2015 at 03:34:35PM -0700, LuKreme wrote: > >> Since I am not seeing a load of these, I am assuming this is indicating the >> error is on the other end? >> >> TLS library problem: error:14094412:SSL routines:SSL3_READ_BYTES:ss

Re: Am I backscattering?

LuKreme: > > > On Jan 31, 2015, at 4:55 PM, LuKreme wrote: > > > > > >> On Jan 31, 2015, at 4:23 PM, Wietse Venema wrote: > >> > >> LuKreme: > >>> Jan 26 14:49:53 mail postfix/pipe[44273]: E64DA50D3A1: > >>> to=, orig_to=, > >>> relay=dovecot, delay=0.13, delays=0.1/0.01/0/0.03, dsn=5.1.1,

Re: Am I backscattering?

> On Jan 31, 2015, at 5:21 PM, Wietse Venema wrote: > > LuKreme: >> >>> On Jan 31, 2015, at 4:55 PM, LuKreme wrote: >>> >>> On Jan 31, 2015, at 4:23 PM, Wietse Venema wrote: LuKreme: > Jan 26 14:49:53 mail postfix/pipe[44273]: E64DA50D3A1: > to=, orig_to=, > re

Re: TLS Library Problem

On Sat, Jan 31, 2015 at 05:16:33PM -0700, LuKreme wrote: > The start was just date stamp info and PID: > > Jan 31 01:52:10 mail postfix/smtpd[62297]: warning: TLS library problem: > error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad > certificate:s3_pkt.c:1293:SSL alert number 42: Whi

Re: hostname does not resolve

On 31 Jan 2015, at 17:33, LuKreme wrote: What should I do about these warnings? Is there any reason not to reject the IPs in question? And if not, how do I do so? mail_version = 2.11.3 warning hostname 102-253-144-216.static.reverse.lstn.net does not resolve to address 216.144.253.102 hostna

Re: hostname does not resolve

Am 01.02.2015 um 04:59 schrieb Bill Cole: On 31 Jan 2015, at 17:33, LuKreme wrote: What should I do about these warnings? Is there any reason not to reject the IPs in question? And if not, how do I do so? mail_version = 2.11.3 warning hostname 102-253-144-216.static.reverse.lstn.net does not r

Re: Am I backscattering?

On 31 Jan 2015, at 21:10, LuKreme wrote: On Jan 31, 2015, at 5:21 PM, Wietse Venema wrote: LuKreme: On Jan 31, 2015, at 4:55 PM, LuKreme wrote: On Jan 31, 2015, at 4:23 PM, Wietse Venema wrote: LuKreme: Jan 26 14:49:53 mail postfix/pipe[44273]: E64DA50D3A1: to=, orig_to=, relay=do

Re: hostname does not resolve

On Sun, Feb 01, 2015 at 05:11:15AM +0100, li...@rhsoft.net wrote: > >Nearly every SMTP client using an IP with a PTR whose name does not > >resolve back to that IP sends nothing but spam > > bullshit - in the real world that's not true The message you were responding too was generally helpful wi

Re: hostname does not resolve

Am 01.02.2015 um 05:45 schrieb Viktor Dukhovni: On Sun, Feb 01, 2015 at 05:11:15AM +0100, li...@rhsoft.net wrote: Nearly every SMTP client using an IP with a PTR whose name does not resolve back to that IP sends nothing but spam bullshit - in the real world that's not true The message you

Re: hostname does not resolve

On Sun, Feb 01, 2015 at 05:50:44AM +0100, li...@rhsoft.net wrote: > Am 01.02.2015 um 05:45 schrieb Viktor Dukhovni: > >On Sun, Feb 01, 2015 at 05:11:15AM +0100, li...@rhsoft.net wrote: > >>>Nearly every SMTP client using an IP with a PTR whose name does not > >>>resolve back to that IP sends nothi