" and mysql_use_result() but
I'm wondering if there is a better solution.
Has anyone an idea of how to do this?
Thanks for your help and best regards
Stefan
> > by Stefan Jakobs on 2010-06-13T19:43:00+00:00
> > Hello list,
> > I refer to my question of august 2008
>
E verify(
address VARCHAR(255) primary key,
data TEXT NOT NULL,
created TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP
);
- Grant the rights SELECT, INSERT, DELETE, UPDATE to the user 'postfix'
best regards
Stefan
postfix-mysql-write-support.patch.gz
Description: GNU Zip compressed data
On Tuesday, 7th of december 2010, 21:57:00 Wietse Venema wrote:
> Wietse Venema:
> > Thanks for the patch.
> >
> > Stefan Jakobs:
> > > I'am not aware of any dead-lock issues. The sequence pseudo-thread
> > > will query the database only once with
On Thursday, 6th Januar 2011, 21:02:17 Victor Duchovni wrote:
> On Thu, Jan 06, 2011 at 04:56:48PM +0100, Stefan Jakobs wrote:
> > > In this case, it is not as critical to set such a flag, but it is
> > > important to allow the existing scan to continue to completion, and
ed to
mail.example.com[aaa.bbb.ccc.ddd]:25: TLSv1 with cipher
DHE-RSA-CAMELLIA256-SHA (256/256 bits)
And now the TLS connection is trusted and verified. Why isn't it verfied with
'smtp_tls_security_level = may'?
Thanks for your help.
Best regards
Stefan
e problem goes away.
Postfix provides an MTA which is a quite important part of a *nix system. To
remove the MTA package from system breaks a lot of dependencies. To avoid that
you install your own package.
Greetings
Stefan
signature.asc
Description: This is a digitally signed message part.
sion
smtp_always_send_ehlo = yes
mail_version = 2.5.5
I think an initial greeting of
220 fully.qualified.hostname
is pretty common this days - especially with so called "anti spam,
anti malware" appliances.
Ciao
Stefan
--
Stefan Förster http://www.incertum.net/ Public Key: 0xBBE2A9E9
"UNIX *is* user-friendly; it's just picky about its friends."
immediately followed by "status=sent (250 ok)".
Thanks and regards
-stefan-
> > I am confused about the line "451 Message temporarily deferred"
> > immediately followed by "status=sent (250 ok)".
>
> 4xx are temporary Errors and Postfix tries the next MX.
>
> 68.142.202.247 != 98.137.54.237
Args, obviously you are right. Sorry for the noise...
Thanks
-stefan-
Hi all,
local_recipient_maps .vs. smtpd_recipient_restrictions - can
anybody tell me which test happens first on incoming emails?
Thanks and regards
-stefan-
On Thu, 2009-06-11 at 13:54 +0200, Magnus Bäck wrote:
> On Thu, June 11, 2009 1:03 pm, Stefan Palme said:
>
> > local_recipient_maps .vs. smtpd_recipient_restrictions - can
> > anybody tell me which test happens first on incoming emails?
>
> You're comparing apples
ample1.com - but I only want to
prevent one special mailbox to not receive any mail...
Thanks and regards
-stefan-
er them from backup (and merge them with the mails
meanwhile). After that, I have to reconstruct the mailbox database (I
use cyrus imap server). I don't want any new mails to come in during
this recovery phase because I have bad experience with this...
Thanks and regards
-stefan-
expect a conrete queue ID?
Thanks for any hints
Regards
-stefan-
ents).
Because a "DATA" command is only allowed when there has
been at least one valid recipient, all log messages
regarding invalid DATA / END-OF-DATA restrictions will
contain a QUEUEID (!="NOQUEUE").
Ok?
Thanks and regards
-stefan-
d, this might be a bad
idea.
> On this topic has anyone found a good DKIM signing solution that will work
> with multiple domains?
I don't understand that question. You can only sign domains for which
you have the private key.
Stefan
* Stefan Foerster :
> I _think_ (and I'm really not 100% sure if this would work) another
> possibility would be to use a feature introduced with Postfix 2.7,
> namely sender_dependent_default_transport_maps. You could define a
> transport which passes all mail to the DKIM proxy.
On Thu, Jan 7, 2010 at 1:25 PM, Patrick Chemla
wrote:
>> said "I just found that Postfix could send 1 million emails per hour
>> when I send less than a half million in 24 hours", but I can't make
>> sense of that, sorry.
>>
>
> I have to inject 2 to 4 millions emails to the postfix box in 24 hou
- and amongst them is the resolv.conf you changed.
I guess what happened is:
1. You didn't disable smtpd's chroot in master.cf.
2. You changed /etc/resolv.conf without copying it to the chroot.
3. You restarted Postfix using Debian's init script which copied the
changed resolv.conf file to the chroot.
Stefan
ll than
to discard it).
Still, getting load balancers out of a mail setup would be a nice
thing.
Stefan
ould like to spend
> those on postscreen.
Understood. I can live with deploying load balancers. Thanks anyways!
Stefan
* Wietse Venema :
> Stefan Foerster:
> > One of the greatest improvements in the 2.7 tree is the ability to
> > defer transmission of received messages to a SMTP proxy until the
> > message receiption completes (smtpd_proxy_options = speed_adjust).
>
> Can you be more
estion is answered in other parts of the documentation, I
apologize in advance.
Stefan
uot;tmpfs" with Linux)?
I know about RAM not being persistent across reboots, and I understand
what happens if the $postscreen_cache_map (or all the contents in
$data_directory) are lost.
Stefan
* Victor Duchovni :
> On Sat, Jan 23, 2010 at 06:08:40PM +0100, Stefan Foerster wrote:
> > In case of severe server "overload", with postscreen(8) complaining
> > about lookup and update times around 400ms almost every mail, is it
> > (reasonably) safe as
(of course, IP addresses
and other resources need to be migrated as well, but that's not
Postfix specific stuff) - or at least that's what "worked for me".
What would happen to mails which weren't completely received when the
original node crashed? Can I prevent qmgr from trying to deliver
those? Do I have to?
Stefan
* Victor Duchovni :
> On Thu, Jan 28, 2010 at 06:13:33PM +0100, Stefan Foerster wrote:
> > If in a mail cluster, with multiple machines having access to a shared
> > storage device (SAN, iSCSI) which is presented to the host as a normal
> > block device (e.g. /dev/sda,
* Victor Duchovni :
> On Thu, Jan 28, 2010 at 06:39:34PM +0100, Stefan Foerster wrote:
> > If the node doesn't have to process any new incoming mail, will qmgr
> > be able to handle six digit deferred queues?
>
> So long as you just drain this queue, and don't ta
net/ has 2.6.5 and
2.7-20100117 (I'll package 2.7.0rc2 ASAP) packages. I tried to include
a few bug fixes (packaging wise) that are not yet included, e.g.
improved handling of multi-instace setups.
Be aware that I'm not an official Debian Developer, though.
Stefan
Hallo Wietse,
* Wietse Venema :
> Robert Schetterer:
> > Hi Wietse, is their any
> > fixed release date for version 2.7 ?
>
> There is a release candidate for testing.
The TLS caches won't get automatic cleanups in the initial 2.7
release(s)?
Stefan
* Stefan Foerster :
> * Wietse Venema :
> > Robert Schetterer:
> > > Hi Wietse, is their any
> > > fixed release date for version 2.7 ?
> >
> > There is a release candidate for testing.
>
> The TLS caches won't get automatic cleanups in the init
* Wietse Venema :
> Stefan Foerster:
> > The TLS caches won't get automatic cleanups in the initial 2.7
> > release(s)?
>
> TLS caches have always had automatic cache cleanup.
>
> In fact, the verify and postscreen daemons use a library module
> that conta
Any ideas how to solve this?
Thanks and regards
-stefan-
On Wed, 2010-02-10 at 15:26 -0500, Wietse Venema wrote:
> Stefan Palme:
> > ...
> > For testing purposes, I want to skip the policy service for some
> > recipient addresses, for other recipients I want to skip the spamhaus
> > check, and for a third class of recipients
e able to define the default
behaviour for all the not explicitly specified recipient addresses].
Regards
-stefan-
admin with LDAP access privileges
will define the default behaviour), so I can not use regular expression
lookups, but only the lookups as defined by the access(5) syntax.
-stefan-
Hi,
Is the effect of
content_filter = smtp:[127.0.0.1]:10025
the same as
transport_maps = hash:/etc/postfix/transports
/etc/postfix/transports:
*smtp:[127.0.0.1]:10025
?
Thanks and regards
-stefan-
tc. it does not really make any
difference if I use a simple transport_map or the content_filter
declaration?
Regards
-stefan-
On Sun, 2010-02-14 at 23:44 +0100, mouss wrote:
> Stefan Palme a écrit :
> >> check_recipient_access hash:/etc/postfix/recipients
> >> check_recipient_access pcre:/etc/postfix/recipients_default
> >>
> >> // REJECT rejected for testing purposes
> >
received - knows that it cannot
currently deliver this mail, or that it cannot possibly deliver a
NDR.
Stefan
ot
the "Perhaps surprisingly, ..." answer right in my face (not from
you). So, "Perhaps surprisingly, ..." would clearly translate into
"Since you missed the obvious, ...".
S/NR--;
Stefan
ect Syntax in MySQL to concatenate strings) - as
a result, you should get ONE field for the "right hand side" of the
access map...
-stefan-
f the score is exceeded.
Does that sound like a somewhat reasonable idea, or more like b/s?
Stefan
posting again and reading the cited
paragraph as well as the remainder of your reply, comparing complexity
with gain, I'd like to withdraw my feature request.
Stefan
s.
>
> What is supposed to happen in the absence of a valid DNS reply?
> Is there a difference between SERVAIL, timeout, and so on?
> I don't want to be swamped with bug reports that "postfix
> has buggy access control".
Unfortunately, RFC 5782 isn't helpful for answering those questions.
Stefan
l client IP address not the forwarded one,
> subject to $smtpd_client_event_limit_exceptions.
Does the same apply to XCLIENT?
Stefan
t; 250-XXXA
> 250-AUTH PLAIN LOGIN
> 250-AUTH=PLAIN LOGIN
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250 DSN
Your firewall is filtering SMTP traffic, replacing the standard
Postfix banner with something of it's own. Is that a PIX? If yes, turn
off SMTP inspection.
Stefan
for some cleanup with multiple instances ;-)
Stefan
# postconf -n
alias_database = cdb:${maps_dir}/aliases
alias_maps = cdb:${maps_dir}/aliases
allow_percent_hack = no
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 1d
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
de
* Stefan Foerster :
> This morning, I upgraded from 2.8-20100213 to 2.8-20100306 and enabled
> IPv6. I have always used the lmtp(8) client to feed messages to
Follow-up to myself: This happens without inet_protocols=ipv4, too.
Stefan
> amavisd-new (well, those that picked up by
* Wietse Venema :
> Stefan Foerster:
> See DEBUG_README for instructions to attach a non-interactive debugger.
>
> The only change in the SMTP client is the smtp_address_preference and
> lmtp_address_preference parameters, which were tested only for SMTP.
Unfortunately, even afte
MTP client is the smtp_address_preference and
> > > lmtp_address_preference parameters, which were tested only for SMTP.
> >
> > I was able to reproduce that on my installation with Stefan's help.
> > Attached is the backtrace
>
> I guess the fix would be:
Works for me. Thanks.
Stefan
> a valid_utf_8() routine in anticipation of a future standardization
> of UTF8SMTP?
As of today, is u...@schön.example.com the same user as
u...@xn--schn-7qa.example.com, as far as e.g. access(5) maps are
concerned?
Stefan
_recipient_access to smtpd_recipient_restrictions also
does not work (because the original recipient's address is
@example.com).
Any ideas?
Thanks and regards!
-stefan-
ppened here? Do I need to worry? If you need the output
of "postconf -n", do you need the output from the "-hub" instance
only?
Stefan
* Wietse Venema :
> Stefan Foerster:
> > It was followed by what seemed the normal delivery of a single mail:
> >
> > postfix-hub/smtpd[27112]: 1E0DE10003:
> > client=edge.kvm.incertum.net[192.168.122.13]
>
> Right, this is a new message that has claimed the na
not
cause harm.
I think I can live with my presumed occasional stupor, as log as it
only resurfaces every four years.
As always, thank you for the insightful technical explanations.
Stefan
ns generated at test-run time).
Perhaps "swaks" is the right tool for you:
http://jetmore.org/john/code/swaks/
Stefan
o the
mail's deferral) - how do I actually access the contents of this
file?
Stefan
* Stefan Foerster :
> I'm most likely doing it wrong:
>
> $ postmulti -i postfix-out -x mailq
> -Queue ID- --Size-- Arrival Time -Sender/Recipient---
> 1BCBD1DF86 2622 Mon Jun 7 03:02:34
> boskop-svn-bounces+trac=trac.incertum@lists.incertum.net
?
Thanks for your help and kind regards
Stefan
Wietse wrote on August 22nd 2008:
> Stefan Jakobs:
> > Hello list,
> >
> > I use Postfix 2.4.3 on two (actually four, but let's assume two)
> > mailgateways. Both do recipient verification and cache the results
much more errors for a popular German freemail
provider. Since you are using rate delays, your concurrency limit will
basically be one, and this might very well be related to what you see.
I don't know if you need to reload postfix and/or requeue the messages
with "postsuper -r" after changing
transport_destination_concurrency_failed_cohort_limit.
Stefan
, e.g. "/etc/passwd"? It
seems to work here with users provided by other means (LDAP). Is it
supported to state users here which are not in "/etc/passwd" (or
whatever the system passwd file might be)?
Stefan
* Victor Duchovni :
> On Thu, Jun 10, 2010 at 06:28:15AM +0200, Stefan Foerster wrote:
>
> > > $ postmulti -i postfix-out -x mailq
>
> This is correct.
>
> > > -Queue ID- --Size-- Arrival Time -Sender/Recipient---
> > > 1BCBD1DF86 2
). If those tables are provided by means of proxymap(8) (to
e.g. save memory on very large CIDR tables), will the tables be
re-read as soon as a newly spawned smtpd(8) makes a connection to
proxymap(8) or is it necessary to reload Postfix?
Stefan
). If those tables are provided by means of proxymap(8) (to
e.g. save memory on very large CIDR tables), will the tables be
re-read as soon as a newly spawned smtpd(8) makes a connection to
proxymap(8) or is it necessary to reload Postfix?
Stefan
* Stan Hoeppner :
> Stefan Foerster put forth on 6/20/2010 5:16 AM:
> > and furthermore assuming a limit of 40 proxymap(8) processes defined
> > in master.cf, will this result in 40 or 80 connections to the
> > database?
>
> I have no idea on this one. The whole point
* Wietse Venema :
> Stefan Foerster:
> > Two questions regarding proxymap:
> >
> > 1. Is a single proxymap(8) process able to handle multiple lookup
> > tables? I.e., taking the example from the manpage, modifying it to
> >
> > mysql = proxy:mysql:/etc/p
quot;hub" using smtpd_client_event_limit_exceptions?
Disclaimer/for the archive: In cases like that, it's probably much
better to provide a list of valid recipients to "gate".
Stefan
* Wietse Venema :
> Stefan Foerster:
> > What happens after "gate" has tried to validate more than
> > "$smtpd_soft_error_limit" invalid recipients? Will it be slowed down?
> > Is it possible to exclude "gate" from that artificial slowdown on
* Stefan Foerster :
> It would still be nice to know whether smtpd_client_event_limit_exceptions
> will prevent the additional delays.
NVM. This code in smtpd_chat.c, within smtpd_chat_reply, is
executed without making any reference to
smtpd_client_event_limit_exceptions:
,[ smtpd_
* Wietse Venema :
> Stefan Foerster:
> > * Wietse Venema :
> > > Tarpit delays by the hub will slow down the dictionary attack.
> > > Is that a problem?
> >
> > It can delay legitimate mail with yet unverified recipients, but
> > that's pret
mplex, you could use different
> Postfix instances. Using a university as an example, that would be
> one Postfix instance for the professors and one for the students.
I don't think the professors would like it very much if _their_ mail had
lower priority than their students' ;-)
Stefan
e in Postfix that performs lookups in
smtpd_sender_login_maps in the same matter as lookups in an access(5)
table are done, with regards to address extensions?
Oh, BTW: Multi-instance support is a terrific feature.
Cheers
Stefan
P.S: I don't really want to get into an argument about why anyon
* Stefan Foerster :
> # postmulti -i postfix-sasl -x postconf recipient_delimiter
> smtpd_sender_login_maps
> recipient_delimiter = +
> smtpd_sender_login_maps = proxy:pgsql:${maps_dir}/sasl-maps.pgsql
Damn. While editing, I accidentally deleted the ".restricted" at th
* Victor Duchovni :
> On Sun, Jul 18, 2010 at 12:14:17PM +0200, Stefan Foerster wrote:
>
> > Given: A dedicated Postfix instance, configured to accept mails from
> > SASL authenticated users. It seems that unlike access(5) maps, the
> > lookup for smtpd_sender_login_
o debug this further. The output of
"postconf -n" can be found below.
Stefan
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug
incoming backscatter, but now Postfix is generating the
backscatter. How do I stop it from doing so?
Thanks,
Stefan
On Tue, 31 Aug 2010 11:20:37 -0400 (EDT), Wietse Venema
wrote:
> Stefan Seidel:
>> This forwarding to external addresses however, makes my Postfix create
>> backscatter. Example:
>> hijac...@yahoo.example.com sends email to u...@mysystem.com ->
>> virtual_
On Tue, 31 Aug 2010 17:39:50 +0100, Simon Waters wrote:
> On Tuesday 31 August 2010 16:57:16 Stefan Seidel wrote:
>>
>> Additionally, the mail is also stored to a local
>> mailbox. I know, that means that users could fetch them via
>> POP3/IMAP/Webmail, but as it
On Tue, 31 Aug 2010 13:45:25 -0400 (EDT), Wietse Venema
wrote:
> Stefan Seidel:
>> I was actually in favour of using SRS as I also use SPF and it is often
>> mentioned that SRS is needed for SPF to work across forwarding, however
>> everything I found on the internet told m
ions:
@domain1.com validuser1
@domain2.com validuser2
-> then "unwanteduser" will not be able to send from either domain,
because it's login name does not appear in any list of allowed accounts.
Stefan
"invalid host name in envelope-from" or something.
Now, I usually know how to fix those config errors, but what I don't
know is how to recover those messages: where does Postfix stash them
after getting the rejection?
Stefan
PS: Seeing now how postfix-users is happy to drop e
iven the amount of email I have received and sent during
the days that I sent messages to postfix-users, it seems hard
to explain.
Stefan
. What I'm asking is not hard to implement
and doesn't seem to have much subtle negative side-effects.
Stefan
On Friday 01 October 2010 18:58:26 Wietse Venema wrote:
> Stefan:
> > Hi list,
> >
> > I'm in the process of adding write support to postfix's mysql client (you
> > will find a patch against postfix-2.7.1 in the appendix). But I have two
> > pro
On Friday 15 October 2010 16:53:40 Victor Duchovni wrote:
> On Fri, Oct 15, 2010 at 03:05:33PM +0200, Stefan wrote:
> > in the appendix you will find a patch against Postfix 2.7.1 which adds
> > write support to Postfix' MySQL client.
> >
> > If someone like to te
d that the "postfix-gy" instance is working properly by
destroying it, recreating it and feeding it some mails via SMTP. I can
easily write a few lines of Perl to feed the backup of the old mail
queue to the new instance that way - would that be a viable
workaround?
Thanks
Stefan
On Tuesday 14 December 2010 14:43:23 Wietse Venema wrote:
> Stefan:
> > A drawback is that this
> > solution is not as configurable/flexible as the other one. And it's still
> > the case that the first two values of a fetched tuple must be the
> > address and its
'm not sure if it is possible that two cleanup processes can run
simultaneously. Wietse, how are the cleanup processes scheduled and executed?
From the above it looks as if the next cleanup process will not be scheduled
until the current one has finished. Is that the case?
Thanks for your patien
n. A subsequent cleanup process will start as
scheduled.
I don't use a flag to put a simultaneously running cleanup process on hold, it
will just be skipped. And that shouldn't be a problem because the cleanup
process isn't a time critical process.
I'm sorry for the confusion.
regards
Stefan
and the only sites that seem to use EECDH
are sites running Postfix. Anecdotal evidence from several smallish,
private mail servers.
Stefan
* Mark Alan :
> On Sun, 6 Feb 2011 22:22:52 +0100, Patrick Ben Koetter
> wrote:
>
> > If there are "significant differences that are not Debian related"
> > Stefan certainly has had reasons to add them.
>
> That's certainly a way to view things and I re
* Robert Schetterer :
> whatever, i use this debs they are up and running,
> in ubuntu lucid
You should not use these packages on Ubuntu - they lack some of the
necessary triggers like e.g. ufw.
Cheers
Stefan
* Mark Alan :
> On Mon, 7 Feb 2011 17:49:38 +0100, Stefan Foerster
> Apparently you did so just to cope with the novice user that does
> not know how to use MySQL with Postfix chrooted services.
Believe me, nothing is more annyoing than seeing other people
suffering from chroot related
on't know, but I know for sure
that there is a LDAP protocol settings dialogue in the Exchange server
administration GUI. Perhaps someone else can shed some light on this
one.
Ciao
Stefan
--
Stefan Förster http://www.incertum.net/ Public Key: 0xBBE2A9E9
FdI #54: Jetzt mit neuem, umfa
' for that.
You can do this with fetchmail. "user foo there with password bar is
baz here".
> virtual_alias_domains = hotmail.com yahoo.com
Don't do that. It basically tells your Postfix to lookup all mails for
hotmail/yahoo in this table, and if the receiver is not found, the
m
On Tue, 2009-06-16 at 16:43 +0200, Ralf Hildebrandt wrote:
> I'm trying out postscreen. No unexpected explosions so far.
> ...
May I ask what exactly "postscreen" is? I've never heard about it
and can not find any references in the web...
Thanks and regards
-stefan-
calfax" (given that you substitue "my.domain" with a
domain which is part of mydestination).
In /etc/aliases, add
localfax: |/path/to/program
and issue "newaliases".
Cheers
Stefan
* Stefan Förster wrote:
> /(.*)@fax.send/ local...@my.domain,${1}final.mailserver
/(.*)@fax.send/ local...@my.domain,$...@final.mailserver
The "@" was missing.
ly are you trying to do with Sieve filtering?
Cheers
Stefan
1 - 100 of 411 matches
Mail list logo
