is open.
Better fix it then. Rather than reciting cliches, your time is probably
better spent reading the DEBUG_README.
--
Sahil Tandon <[EMAIL PROTECTED]>
Camron W. Fox <[EMAIL PROTECTED]> wrote:
> access table cidr:/etc/postfix/per_client_filter entry "10.1.2.3" requires
> transport:destination
Typo in your per_client_filter CIDR? Show us.
--
Sahil Tandon <[EMAIL PROTECTED]>
Camron W. Fox <[EMAIL PROTECTED]> wrote:
> Sahil Tandon wrote:
>> Camron W. Fox <[EMAIL PROTECTED]> wrote:
>>
>>> access table cidr:/etc/postfix/per_client_filter entry "10.1.2.3"
>>> requires transport:destination
>>
>> Typo in
ry, it was shown in the inline above:
>>>
>>> 133.40.0.0/16 FILTER DUNNO
>>
>> DUNNO is not a filter; that's why Postfix is complaining. See
>> access(5):
>>
>> http://www.postfix.org/access.5.html
>>
> So it should be this:
>
> 133.40.0.0/16 DUNNO
> 0.0.0.0/0 FILTER spamassassin:
Yes.
--
Sahil Tandon <[EMAIL PROTECTED]>
Camron W. Fox <[EMAIL PROTECTED]> wrote:
> What happened to the mail that met the "FILTER DUNNO" criteria of the
> incorrect config?
Your logs will tell you. You could also see if it's lurking in the
mailq.
--
Sahil Tandon <[EMAIL PROTECTED]>
ddressed to [EMAIL PROTECTED] arrives at your server during the
initial move), you could setup a transport(5) map to direct all such
mail to the new MX.
As for deleting the defunct domainAAA.tld mailboxes -- that's entirely
up to you.
--
Sahil Tandon <[EMAIL PROTECTED]>
BUG_README.html#mail
http://postfix.state-of-mind.de/patrick.koetter/saslfinger/
http://www.postfix.org/SASL_README.html
Give more information; at least the output of 'postconf -n' and
saslfinger.
--
Sahil Tandon <[EMAIL PROTECTED]>
.org/postconf.5.html#reject_unknown_sender_domain
% host css2.ndcorp.com
Host css2.ndcorp.com not found: 3(NXDOMAIN)
--
Sahil Tandon <[EMAIL PROTECTED]>
gt; with many different competing registrars. Go to http://www.internic.net
> for detailed information.
Pedantry is OK, but it is reserved only for those who know what they're
talking about. That is to say, it is not for you.
--
Sahil Tandon <[EMAIL PROTECTED]>
Ujjval K <[EMAIL PROTECTED]> wrote:
> BTW - There were no instructions in the welcome message..
[...]
> TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail
That, right there, looks like a pretty clear instruction to me.
--
Sahil Tandon <[EMAIL PROTECTED]>
out-1314.google.com, to which you cannot connect on port 25.
--
Sahil Tandon <[EMAIL PROTECTED]>
st REJECT those domains.
--
Sahil Tandon <[EMAIL PROTECTED]>
f
> alias_maps = hash:/etc/aliases
> alias_database = hash:/etc/aliases
> local_recipient_maps = proxy:unix:passwd.byname, $alias_maps,
> $virtual_alias_maps
Don't post snippets of your main.cf; as advised in DEBUG_README, please
post output of 'postconf -n'. Also, what does the pickup service look
like in your master.cf?
--
Sahil Tandon <[EMAIL PROTECTED]>
irtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = example0.org example1.com example2.com
virtual_mailbox_maps = hash:/usr/local/etc/postfix/vmailbox
virtual_minimum_uid = 1000
virtual_uid_maps = static:5000
--
Sahil Tandon <[EMAIL PROTECTED]>
was written, headers, etc. I wasn't
sure that was necessary to debug the issue. But if it is, I'm happy
to post that as well.
I understand it is generally better to paste relevant excerpts in the
body, but this particular capture is quite large!
[TCP Previous segment lost] is followed by several duplicate ACKs, and
eventually a 421 timeout error.
http://pastebin.com/m7fb47518
--
Sahil Tandon <[EMAIL PROTECTED]>
Victor Duchovni <[EMAIL PROTECTED]> wrote:
> On Sat, Oct 11, 2008 at 11:03:37AM -0400, Sahil Tandon wrote:
>
> > Thank you and Viktor for your response. The sending MTA continues to
> > retry on an hourly basis. I ran tcpdump as per the DEBUG_README and
> > p
Stephen Liu <[EMAIL PROTECTED]> wrote:
> Please advise where shall I check and how to fix the problem. TIA
Read the DEBUG_README and try again.
--
Sahil Tandon <[EMAIL PROTECTED]>
ransport maps:
http://www.postfix.org/transport.5.html
> "joedoe: [EMAIL PROTECTED]:2525"
> and
> "joedoe: [EMAIL PROTECTED] 2525"
>
> The above does not work. How can I accomplish this?
See the link posted above and pay close attention to transport map
syntax.
--
Sahil Tandon <[EMAIL PROTECTED]>
n your postconf output, I did not see any declaration of
transport_maps. You need something like:
transport_maps = maptype:/etc/postfix/transport
where 'maptype' is probably 'hash' in your case, but see postconf(1) and
postmap(1) for more details.
--
Sahil Tandon <[EMAIL PROTECTED]>
r take this up with the Debian package maintainer(s).
--
Sahil Tandon <[EMAIL PROTECTED]>
arate domains,
non-UNIX accounts". After reading that document and experimenting
yourself, ask for help here following the instructions in
http://www.postfix.org/DEBUG_README.html#mail.
--
Sahil Tandon <[EMAIL PROTECTED]>
about the system performance, but possible
> blacklisting as it may send flurry of mails to external domains.
If you're really worried, you can parse the queue for large amounts of
messages heading to the same external domain and release the associated
QUEUE IDs slowly. Bit of a crude option, but one you might consider.
--
Sahil Tandon <[EMAIL PROTECTED]>
Terry Carmen <[EMAIL PROTECTED]> wrote:
> Sahil Tandon wrote:
>> Linux Addict <[EMAIL PROTECTED]> wrote:
>>
>>
>>> Steven King wrote:
>>>
>>>> Postfix is very cautious about system resource usage. It keeps an eye on
>
te? His host is the only host I have a problem with, for everybody
> else it seems to work fine.
Without more information (as requested in the DEBUG_README to which you
were linked upon joining this mailing list), the last sentence suggests
the problem is with your friend's server, not yours.
--
Sahil Tandon <[EMAIL PROTECTED]>
il, but I have
> to (I think) set up some authentication so that I don't
> become an open relay. What's the simplest way to do
> this?
http://www.postfix.org/SASL_README.html
http://www.postfix.org/TLS_README.html
--
Sahil Tandon <[EMAIL PROTECTED]>
> information on the routing/delivery process.
Isn't it performing DNS lookups just fine when delivering to other
domains? Is this problem limited to att.blackberry.net or was that just
one of many examples? Also see:
http://www.postfix.org/DEBUG_README.html#mail.
--
Sahil Tandon <[EMAIL PROTECTED]>
d passes packets
between the sending and receiving machine.
--
Sahil Tandon <[EMAIL PROTECTED]>
know what MTA the relay
is running? Have you recorded the SMTP conversation with something like
tcpdump to see what happens right before the connection is lost?
--
Sahil Tandon <[EMAIL PROTECTED]>
using the problem. Just because other test emails get through does
not rule out a problem. And yes, what software the relay MTA runs is
relevant; especially if this software does not properly implement SMTP.
--
Sahil Tandon <[EMAIL PROTECTED]>
ve never
> captured/viewed smtp data and wouldn't know how to interpret it and filter
> out the session of interest!
http://www.postfix.org/DEBUG_README.html#sniffer
--
Sahil Tandon <[EMAIL PROTECTED]>
e, Postfix
acts as documented:
http://www.postfix.org/postconf.5.html#undisclosed_recipients_header
--
Sahil Tandon <[EMAIL PROTECTED]>
sure that the second gateway accepts and relays mail on behalf of
the first (blacklisted) gateway.
--
Sahil Tandon <[EMAIL PROTECTED]>
domains
You needn't place anything but tiscali.co.uk in your transport file.
Mail addressed to the other (local and non-local) domains should arrive
at the appropriate nexthop by default. You are only trying to override
the default nexthop for tiscali.co.uk.
--
Sahil Tandon <[EMAIL PROTECTED]>
round with header_checks assuming that this
> is where the REWRITE would go, but it doesn't seem like I'm getting
> anywhere.
You need REPLACE, not REWRITE.
See http://riseuplabs.org/privacy/postfix/; ignore the patch section and
scroll down to "Postfix 2.3 and later". Copy and modify as necessary to
meet your needs.
--
Sahil Tandon <[EMAIL PROTECTED]>
Dan Langille <[EMAIL PROTECTED]> wrote:
> Sahil Tandon wrote:
>> john mickler <[EMAIL PROTECTED]> wrote:
>>
>>> I have a question pertaining to message headers on outbound mail from
>>> remote smtp auth'd clients. I have been asked to adju
sign? Are the
> correct services running on the correct machines?
Paste the output of 'postconf -n' from one of the INBOUND MXs; you might
then receive more suggestions. And if you are not already, I recommend
postfwd as a policy server while rejecting all mail listed on
zen.spamha
at causes the error? Is Postfix running chrooted? Have you read the
DBEUG_README?
--
Sahil Tandon <[EMAIL PROTECTED]>
Stick to postqueue. Isn't qstat for qmail?
--
Sahil Tandon <[EMAIL PROTECTED]>
; testdomain.com and another domain that this machine receive mail with
> anotherdomain.com:
As advised in the DEBUG_README, next time include the output of
'postconf -n'.
--
Sahil Tandon <[EMAIL PROTECTED]>
m: address is *@
> us-reports.com and it is not from mynetworks then REJECT it?
Place the check after permitting your networks, SASL auth'd clients, and
reject_unauth_destination.
> The check_sender_access option is working great for the MAIL FROM: header,
> but that isn't catching these other ones.
check_sender_access works on the ENVELOPE, not the HEADER.
--
Sahil Tandon <[EMAIL PROTECTED]>
Chris Funk <[EMAIL PROTECTED]> wrote:
> On Thu, Dec 4, 2008 at 11:20 AM, Sahil Tandon <[EMAIL PROTECTED]> wrote:
>
> > Chris Funk <[EMAIL PROTECTED]> wrote:
> >
> > <..snip>
> > > Obviously not a good thing to do as then no one internally
problem and proposed solutions.
--
Sahil Tandon
oo many times. So no, I won't send
> you a RBL list.
This is bad and misleading advice. Just because you are listed on one
or more RBLs does not mean they are bad. Tolga, use zen.spamhaus.org
to reject at SMTP time. Also consider rejecting machines that HELO (or
EHLO) with "dynamic looking" hostnames.
--
Sahil Tandon <[EMAIL PROTECTED]>
On Sun, Dec 07, 2008 at 04:24:48PM -0700, LuKreme wrote:
> Won't that still break thunderbird? Or did mozilla finally fix that?
It won't. And please stop top-posting.
--
Sahil Tandon <[EMAIL PROTECTED]>
.
> Postfix rejects the mail with a permanent failure. How do I change this
> to a 4xx error code so that the clients server would retry the mail
AFAIK, there is no way to do this by tweaking main.cf. You would have
to modify the code and probably violate RFC 4954.
--
Sahil Tandon <[EMAIL PROTECTED]>
ry to local users, additional virtual users or
external destinations.
--
Sahil Tandon
h a "User unknown" message.
No, this is backscatter. Do not accept mail that you intend to bounce.
Relocated maps should be setup on the MX that sits on the border; not
an internal mail server.
--
Sahil Tandon
n open relay.
> Why Postfix behaves like this? How to catch only 'incoming' mail, and to
> send it away it if recipiend domain isn't listed in the virtual, local,
> and relay domain tables?
Because, as documented, virtual(5) mapping can be applied to non-local
addresses. Your problem is somewhat of a FAQ; search the archives for
proposed workarounds.
--
Sahil Tandon
7;re editing the above main.cf?
> smtpd_sasl_auth_enable = no
> smtpd_sasl_local_domain =
> smtpd_sasl_security_options = noanonymous
These three smtpd_sasl_* parameters are default; why are you re-defining
them in the configuration?
--
Sahil Tandon
which maildir path style will improve performance?
Postfix == MTA != MDA. Consult the documentation and/or mailing list of your
MDA.
--
Sahil Tandon
27;m using both Pyzor and Razor in my spamassassin config. Are there
> any other recommended RBL I can consider for use either in postfix or
> spamassassin?
Obviously a matter of preference; maybe you can try a few, preceding the
checks with "warn_if_reject", and monitor your logs for false positives.
Some people have reported success with the Barracuda RBL.
--
Sahil Tandon
801 - 851 of 851 matches
Mail list logo
