tation regarding the setup for postfix for multiple mx
records, but I am not sure how these two problems can be solved.
thanks a lot for the help in advance.
Peter
tion, it will be hard to
maintain such a shared mailstore.
Peter
ddress of imap server
when failover is required. but the dns propergation might take up
to three days. is there a better alternative?
guess it is something beyond postfix to handle. not sure how postfix users will
handle such an issue?
Thanks.
Peter
er in
another data center and a quick
dns change if the primary data center failed. The TTL in DNS settings can be 5
minutes.
Peter
red49978502.html
http://www.datacenterknowledge.com/archives/2008/03/31/fire-destroys-wisconsin-data-center/
http://www.intology.com/computers-internet/us-data-center-catches-fire-9000-servers-down/
http://www.prisontalk.com/forums/showthread.php?t=340505
anyway, thanks for your other suggestions.
Peter
sting for others to
> know please mention
> it and I'll test it and publish it.
it is great if you can create a blog to share.
Thanks,
Peter
otas won't work (such as yours). In
your case use Maildir quotas which should work fine and which are
explained beyond that paragraph.
Peter
(new to posting here, but have been following the list for a while now).
Regards,
Peter Ajamian
ossibly find a better term for the documentation?
Peter
e, but seems to clash with the conventional
definition for "dedicated server" (from wikipedia):
> A dedicated hosting service, dedicated server, or managed hosting
> service is a type of Internet hosting in which the client leases an
> entire server not shared with anyone.
This is what I (and I think most people) understand "dedicated server"
to mean. There must be a better term for this that is less confusing.
Peter
On 14/10/11 19:58, Stan Hoeppner wrote:
> This is a result of your limited background and education Peter. The
> term "server" was used to describe a software program's role long before
> hardware companies adopted the word "server" to describe a class of
&g
BB5790262:
> to=, relay=dovecot, delay=12684, delays=12683/0.18/0/0.27,
> dsn=4.3.0, status=deferred (temporary failure. Command output: doveconf:
Re-read rob0's last response to you, he told you what is causing this.
Peter
aster-15.html;_ylt=ArJo0u8FD0MevRjWn4Dha.cIJHdG
https://mail.google.com/support/bin/answer.py?answer=81126&topic=12838
http://postmaster.info.aol.com/Postmaster.Guidelines.php
Peter
You can rebuild the .src.rpm file from CentOS 6 easily for pgsql. You
just need the following lines in your .rpmmacros file when you rebuild:
%MYSQL 0
%PGSQL 1
Peter
On 08/12/11 14:40, Kwasi Gyasi - Agyei wrote:
> Hi,
>
> Any one knows how I can get postfix-pgsql on centos6 without
On 08/12/11 15:28, Kwasi Gyasi - Agyei wrote:
> Thanks, where can I get src.rpm for v2.6.6, the highest version from
> here http://postfix.wl0.org/en/available-packages/ is 2.5.
...picking a CentOS mirror at random:
http://mirrors.usc.edu/pub/linux/distributions/centos/6/os/SRPMS/Packages/postfix-
ing postscreen which can completely screw up submission when
doing the post-greeting tests, or if you are greylisting. Certainly
there are many other reasons as well.
Peter
ils that contain important
information. Even in your case it is likely that the ranting sender
wants to be removed from your mailing list and to make him think you've
received this email but not removed him from the list turns you into a
spammer.
There is very rarely a good reason to drop email.
Peter
sender's actions, I am simply stating that if you
are going to accept an email for delivery then you should deliver it, to
do otherwise gives a false impression to the sender.
Peter
ertain
> classes/types of problems.
Yes in a perfect world everyone would follow RFCs and do the right thing
with email. Just because the world is not perfect is not an excuse for
you to make it worse.
Peter
On 21/12/11 15:19, Reindl Harald wrote:
>
>
> Am 21.12.2011 01:29, schrieb Peter:
>> On 21/12/11 13:21, Reindl Harald wrote:
>>> so why does he not use the reply-button and what is he thinking does
>>> "nore...@mail.tld" mean? if you do not read the nor
On 22/12/11 04:56, Stan Hoeppner wrote:
> On 12/20/2011 9:19 PM, Peter wrote:
>
>> In the case of SPAM the best solution is to deliver the email to
>> the user's SPAM folder
>
> You must have an unlimited SAN hardware budget for your 1,000,000
> mailbox site,
re talking about backscatter, which makes no sense here.
Viktor was talking about being able to *receive* bounces, not about
sending them.
Peter
t;
>
> It is documented in detail here:
> http://www.postfix.org/ADDRESS_VERIFICATION_README.html
>
> This will fail if, as previously mentioned, your MTA rejects a recipient
> address that was previously allowed to send mail.
Only if you reject the email at the RCPT TO stage. See rob0's post for
a way to avoid this.
Peter
On 23/12/11 01:53, Stan Hoeppner wrote:
> On 12/21/2011 5:30 PM, Peter wrote:
>> There is nothing more frustrating than trying to figure out why your
>> emails are not going through to your customers than when they are
>> accepted for delivery and *not* delivered. I have
t in default rules to deliver
spam to a separate folder, and you can allow your users to set their own
sieve rules to do server-side filtering of emails. This is what I do
now for new postfix installs and my clients love having the sieve
filtering capabilities.
Peter
On 06/01/12 03:49, Tobey Wheelock wrote:
> On Thu, Jan 05, 2012 at 11:03:44PM +1300, Peter wrote:
>> There are (at least) two options for you:
>>
>> 1. postfixadmin comes with a vacation program that works with virtual
>> users and can work by modifying SQL tables
y server.
This is a common misconception. The envelope sender is not the same as
the From: header. This is the envelope sender for your message (and
indeed for every message from this mailing list):
Return-Path:
Peter
orrect answer is that you cannot block telnet access to port 25
without also blocking incoming emails from other MTAs, and so you should
not try.
Peter
nd one return value, and if you want to use the same data for
some other purpose you need to copy it to another file.
Don't think that you are limited to just using mysql either, a lot of
people prefer postgresql and you may find if you take the time to check
it out that you do as well, there is also sqlite if you want something
lighter weight.
Peter
ow
you do this is dependent on the particular SASL AUTH server you use and
a question that should probably be directed to their docs and support.
Peter
On 29/01/12 06:50, Alessandro Vicari wrote:
> Thanks Peter for the explanaition and for pointing me to the right
> direction to look at.
> I tried it and it works great. Now the thing is to make postfixadmin be
> able to create these aliases (which is not because so far as I saw it
t
won't work without pickup.
Peter
ww.postfix.org/DEBUG_README.html#mail
Peter
will
have both postgresql and mysql support:
%MYSQL 1
%PGSQL 1
Peter
On 13/02/12 20:59, Nikolaos Milas wrote:
> Hello,
>
> I've noticed that message Received headers do not include the
> envelope-from address.
>
> Is there a way to include the envelope-from address in message Received
> headers?
It's the Return-Path header.
Peter
On 13/02/12 22:20, Wolfgang Zeikat wrote:
> In an older episode, on 2012-02-13 09:24, Peter wrote:
>
>>> Is there a way to include the envelope-from address in message Received
>>> headers?
>>
>> It's the Return-Path header.
>
> AFAIK, Return-Pat
rgs = /etc/dovecot/sql.conf
driver = sql
}
Note that if you put the old config in dovecot will give a warning on
startup and `doveconf -n' will show the new config that you should
replace it with.
Peter
On 20/02/12 11:14, Wietse Venema wrote:
> Peter:
>> Note that if you put the old config in dovecot will give a warning on
>> startup and `doveconf -n' will show the new config that you should
>> replace it with.
>
> http://www.postfix.org/SASL_README.html was upd
thread-aware
>> mail readers. Thanks.
>>
>
> I'm curious which these are - I have no problems with his message on
> Thunderbird 3.1.16.
In Thunderbird go to "View" / "Sort by" and select "Threaded" and you
will see it.
Peter
ed using your function in the WHERE clause of your SQL query?
Peter
On 23/02/12 23:32, Matthias Leopold wrote:
> could you give me an example of how to do this?
> right now i'm calling my function like
>
> select function('foo');
> or
> select * from function('foo');
Give more details about what this function does and what output you
expect from it.
Peter
etting rejected by the reject_unknown_sender_domain
restriction above due to the domain serv002.domain.com returning
NXDOMAIN for a DNS query of A and MX records (see postconf(5)).
Peter
this issue from google. You can get a list of possible
IPs for them by checking their SPF record, after adding all the networks
from their SPF record I stopped having this issue.
Peter
t going to conflict with the client library package. Of course
> test this on a non-production system, don't take my word for it.
Fully off-topic advice:
To be safe from any program trying to install mysql (or the possibility
that a yum update might try to upgrade mysql) you should exclude mysql*
from the base and updates repos in yum.
Peter
mains and I don't care if the mail client lacks
> support for SNI.
You don't need SNI support for multiple domains, you simply need to have
your common name (CN) in the certificate match the 250 response of your
server. If SNI was required then services like google apps would be in
trouble.
Peter
haking.
I think you need to have a good read of:
http://www.postfix.org/TLS_README.html
Peter
On 13/05/12 05:04, Владимир Кутявин wrote:
> Ok there. Any way to make postfix do bcc for themessages from specified
> sender to specified recipient?
sender_bcc_maps
Peter
> queue_directory = /var/spool/postfix
That's not the line it's talking about.
Peter
Please don't top post, it's annoying.
On 13/05/12 13:59, gabrielt...@gmail.com wrote:
> From: Peter
> Date: Sun, 13 May 2012 11:37:31
>
> On 13/05/12 10:17, gabrielt...@gmail.com wrote:
>> postfix: fatal: /etc/postfix/main.cf, line 30: missing '=' after
&g
tfix/sql/virtual_alias_maps: Permission denied
Check what user proxymaps is running as and make sure it has permission
to access that file.
Peter
ed to do so then SPF is much simpler and easier
to set up for this purpose.
Peter
asically no chance at all to recover the
> original mail, than guessing... with the other formats, one at least can
> do so.
You know you could just use a different delivery agent that supports the
mbox format you want. Nothing says that you have to use local(8).
Peter
ng a
check_client_access cidr table instead for better control of this.
Peter
y=0, status=bounced (unknown
> user: "foo-test")
Wouldn't that be better if it says, '(unknown user: "foo")'? This in
consideration that the user foo-test actually does exist in the system,
and the reason it couldn't find it is that it was looking for "foo", or
is there something I am missing here?
Peter
ound that button I have replaced my simple "reply" button
with it on the toolbar and have never had an issue since.
Peter
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iQEcBAEBAgAGBQJQ8dciAAoJ
mail for external users
Is there a global postfix setting for this ?
Look at /etc/aliases
Peter
eak.com. 3448 IN A 65.41.216.221
221.216.41.65.in-addr.arpa. 86176 INPTR
mo-65-41-216-221.sta.embarqhsd.net.
mo-65-41-216-221.sta.embarqhsd.net. 86166 IN A 65.41.216.221
Peter
ere are no deliverability issues with them.
Only with the few people who have a MX with IPv6 support.
Nope, I can tell your from experience that Comcast will reject your mail
if you relay it from an IPv6 address that doesn't have a PTR.
Peter
n
machines and stick with IPv4 until IPv6 adoption has reached a level
where it's more stable.
Peter
On 05/08/2013 08:03 PM, Stan Hoeppner wrote:
On 5/7/2013 5:36 PM, /dev/rob0 wrote:
...
Peter has explained this: you indeed seem to have FCrDNS, just not
Maybe my understanding of the definition of Forward Confirmed reverse
DNS is incorrect. I thought the definition of FCrDNS is that that
nd, "openssl ciphers" for a list, and then set
smtpd_tls_exclude_ciphers to any that have CBC in the name. No need to
worry about smtp ciphers as the scanner can't detect those anyways.
Peter
use).
2. dovecot sieve and managesieve plugins (probably with other sieve
implementations as well).
There are addons in both Roundcube and Squirrlmail for both of the above
so that users can set their own autoreply messages.
Peter
r's sender domain in order to relay mail through your server and
then your server becomes not much better than an open relay.
You should look into SASL AUTH, this is a much better way for your
customers to authenticate to your server for relaying:
http://www.postfix.org/SASL_README.html
Peter
so I'm going to
stop anyone who doesn't have an authorized domain in the envelope
sender." You probably noticed something I didn't in his posts, though.
Peter
e next.
So what I would suggest instead is to relax the standard for a major
version change a bit so that a major new feature would also be cause for
a major version change. Such an opportunity was recently missed with
the introduction of postscreen in version 2.8.
Peter
pipelining,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
check_recipient_access = hash:/etc/postfix/recipient_access,
permit_mynetworks,
reject
Peter
On 06/03/2013 12:44 PM, Peter wrote:
What you want instead is to move permit_mynetworks to the end of the
list and follow it by reject:
smtpd_recipient_restrictions =
reject_unauth_pipelining,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
check_recipient_access = hash
and can use STARTTLS for encryption. There is no other way to do
encryption on the submission port.
it still not needed to use ssl/tls to make auth work
It is if you set smtpd_tls_auth_only=yes.
Peter
sing a very old version of one particular email client in which
case they likely have other problems.
Peter
ing wrong
with this, but it won't solve your problem, your problem is what I
stated above.
http://www.postfix.org/VIRTUAL_README.html
http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
https://help.ubuntu.com/community/Postfix
Read the SASL_README document I linked to above.
Peter
On 07/11/2013 02:51 PM, SONNY LASKAR wrote:
Please let me know the link of a proper document for configuring virtual users.
http://www.postfix.org/VIRTUAL_README.html
Peter
cy
daemon that plugs right into postfix for that now.
Seriously, go to Dovecot and get a newer version of postfix. It is well
worth it just to get postscreen support (which requires version 2.8 or
higher), and you really don't need to be patching it.
Peter
nt for the,
"I don't want to do this really stupid unnecessary vain thing" reason.
I would make sure the client knows that they are just spending extra
money to satisfy their own vanity and if they still want to go ahead
then do it for them.
Peter
config needs to
be replicated in the docs for dovecot 2.x or it should simply be removed
and a reference made to the dovecot docs. Just having the 1.x config is
very confusing, imo, especially since the vast majority of people will
be on 2.x now.
Peter
On 08/18/2013 07:44 PM, li...@rhsoft.net wrote:
> smtp_use_tls= yes
Don't use this, it's obsolete and replaced by ...
> smtp_tls_security_level = may
... this.
Peter
that there is or ever was any intention to use the UDP port for the
service:
http://tools.ietf.org/html/rfc6335#section-7.1
Note that this is no longer the case (as per section 7.2 of the same RFC
above).
Peter
was
for IANA to assign both tcp and udp when a service requested either so
seeing udp assigned to a service doesn't mean much if anything.
Peter
gt;> mail.example.com A B.B.B.B
>
> Won't this cause a problem with the MX records? They will both point
> at mail.example.com and one of those IPs will not be available at any
> given time.
Not if you point them to mailA.example.com and mailB.example.com.
Peter
n they really mean FCRDNS.
Check that forward records match as well before you go off complaining
to the other postmaster.
Peter
t I do not explicitly assign.
> Since I
> introduced the automatically generated IPv6 address into the DNS, Google
> accepts all mail from our server.
To me this is a bad idea, you're working around the issue instead of
fixing the real issue which is that you're getting IPs on your server
that you didn't configure for.
Peter
s with a 5xx code, or or up to five days (by default).
Peter
ind-9.3.6-20.P1.el5_8.6) on the affected server(s).
el5 also has bind97 packages, try upgrading to that and see if it fixes
your issue.
Peter
Spam" folder, in the case of viruses
you can quarantine.
I'm not saying that there isn't case where bouncing is appropriate, but
I am hard pressed to think of one, and it makes sense to try to avoid it
wherever possible.
Peter
port (587) with STARTTLS for
submission. There is a commented example in your master.cf file. You
can safely force encryption on this port because you don't need to worry
about inbound mail from other MXes.
Peter
and is built with postgresql, mysql and ldap support:
http://ghettoforge.org/
Peter
e efficient.
Note: Others have stated that this should really be done in your web
app, and I agree with that, but I won't go into that as you seem to
clearly indicate that you just want postfix advice here, so my advice is
that if you *must* do it in postfix, then you should use
check_recipient_access instead of header_checks.
Peter
I won't go into detail on what failed, though, because Weitse already
gave you that answer.
Peter
JECT followed by a reason
would be even better.
Peter
At any
rate, he should be safe as long as there are no PERMIT actions in his
pcre_recipients file.
Peter
l address that's
being rejected? It could very well be that you have an SPF record that
specifically tells other servers to reject your mail.
Peter
h basically will apply DKIM signatures but jump over DMARC auth.
You're confusing smtps with smtp. You likely shouldn't be using smtps
at all.
Peter
ere is the envelope sender
of your message (that I'm replying to):
Return-Path:
...and here is the From: header:
From: Adam Moffett
Obviously the two don't match, and equally obvious is that your message
is not SPAM.
Peter
pear in from: header?"
> however, mail is about SMTP and SMTP is about envelopes
I wouldn't exactly say that either, and don't feel the need to go into
all the different levels that statement fails in.
Peter
tually does use them,
so being on their list is not the end of the world.
Peter
fic. In addition to the postfix configuration
changes this only requires (1) a free IP address and (2) DNS change.
Peter
g the number of ISPs that block outbound port 25. Many will
still offer 25 for backwards compatibility, but even those will use a
separate IP address in the vast majority of cases so as not to mix
submission with MX traffic.
Peter
s mail admin
> which can help in both cases but in one point to the ISP :-)
Regardless of who is blocking it you have to deal with the results. As
I said earlier you may be in a position where you can just block 25
outright and be able to push all your users to submission, or this may
be too overwhelming of a task. The difference is that if the ISP blocks
it then the user is *already* on 587.
Peter
ve separated out
submission from MX traffic and can treat the two with different configs.
Peter
b.com/joepie91/df80d8d36cd9d1bde46ba018af497409
Peter
/etc/services.
Is there a stray startup check that was missed when known_tcp_ports was
added or something?
Peter
1 - 100 of 897 matches
Mail list logo
