Questions about dedicated transport

[David Donchez]

Hello,

I'm currently running Postfix 2.5 on FreeBSD 7.0 and I have a problem.

I want to run many processus smtpd without using multi-instances of Postfix. So 
i can do it in the master.cfhttp://master.cf without any problems.

Exemple :

smtp   inet  n   -   n   -   100   smtpd
127.0.0.1:10025http://127.0.0.1:10025   inet  n   -   n   -   
100   smtpd
127.0.0.1:10026http://127.0.0.1:10026   inet  n   -   n   -   
100   smtpd

Ok, i have Postix listening on port 25, 10025 ans 10026.

Now i want to create three processus smtp (transport). I know how to do it too.

Exemple :

smtp unix-   -   n   -   100   smtp
  -o myhostname=server1
way1 unix-   -   n   -   100   smtp
  -o myhostname=server2
way2 unix-   -   n   -   100   smtp
  -o myhostname=server3

Now, i am working on a solution for associate a processus smtpd to a process 
smtp.
When i send a mail using postfix (linstening on port 10025), i want that the 
mail will be send by the entry way1.
Exemple :
 nc 127.0.0.1http://127.0.0.1 25
220 server0 ESMTP Postfix

MAIL FROM ...
RCPT TO ...
...
...

I want that this mail will be transported by the transport smtp.

If i send the mail using Postfix on port 10025, i want that it will be 
transported by the transport way1...

Maybe there is another way to realise it.

In fact, if i send a mail using Postfix on port 10025, i want that the mail 
will be sent by the hostname server1 and the ip IP1.  If i send a mail using 
Postfix on port 10026,  i want that the mail will be sent by the hostname 
server2 and the ip IP2.

I hope that my request is so clear.
Thank you for your reply.

Re: Questions about dedicated transport

[Ralf Hildebrandt]

* David Donchez [EMAIL PROTECTED]:
 Hello,
 
 I'm currently running Postfix 2.5 on FreeBSD 7.0 and I have a problem.
 
 I want to run many processus smtpd without using multi-instances of Postfix. 
 So i can do it in the master.cfhttp://master.cf without any problems.
 
 Exemple :
 
 smtp   inet  n   -   n   -   100   smtpd
 127.0.0.1:10025http://127.0.0.1:10025   inet  n   -   n   - 
   100   smtpd
 127.0.0.1:10026http://127.0.0.1:10026   inet  n   -   n   - 
   100   smtpd
 
 Ok, i have Postix listening on port 25, 10025 ans 10026.
 
 Now i want to create three processus smtp (transport). I know how to do it 
 too.
 
 Exemple :
 
 smtp unix-   -   n   -   100   smtp
   -o myhostname=server1
 way1 unix-   -   n   -   100   smtp
   -o myhostname=server2
 way2 unix-   -   n   -   100   smtp
   -o myhostname=server3
 
 Now, i am working on a solution for associate a processus smtpd to a process 
 smtp.

That's not possible. Use multiple instances.


-- 
Ralf Hildebrandt ([EMAIL PROTECTED])  [EMAIL PROTECTED]
Postfix - Einrichtung, Betrieb und Wartung   Tel. +49 (0)30-450 570-155
http://www.arschkrebs.de  I'm looking for a job
I am the ILOVEGNU signature virus. Just copy me to your signature.
This email was infected under the terms of the GNU General Public License.

tiscali hostsed email domains unreachable? Or is it just me?

[Ralf Hildebrandt]

# qshape deferred |head
 T  5 10 20 40 80 160 320 640 1280 1280+
 TOTAL 127  3  0  2  2  1   0   3   2 2292
worldonline.de  41  0  0  0  0  0   0   1   2 1028
 surfeu.de  16  0  0  0  0  0   0   2   0  113
tiscali.de  10  0  0  0  0  0   0   0   0  2 8
planet-interkom.de   5  0  0  0  0  0   0   0   0  2 3
 addcom.de   3  0  0  0  0  0   0   0   0  0 3

~# host -t mx worldonline.de
worldonline.de   MX 10 mx12.unit.tiscali.de
worldonline.de   MX 10 mx10.unit.tiscali.de
worldonline.de   MX 10 mx11.unit.tiscali.de

~# host -t mx surfeu.de
surfeu.deMX 10 mx10.unit.tiscali.de
surfeu.deMX 10 mx12.unit.tiscali.de
surfeu.deMX 10 mx11.unit.tiscali.de

~# host -t mx tiscali.de
tiscali.de   MX 10 mx12.unit.tiscali.de
tiscali.de   MX 10 mx11.unit.tiscali.de
tiscali.de   MX 10 mx10.unit.tiscali.de

~# host -t mx planet-interkom.de
planet-interkom.de   MX 10 mx10.unit.tiscali.de
planet-interkom.de   MX 10 mx12.unit.tiscali.de
planet-interkom.de   MX 10 mx11.unit.tiscali.de

~# host -t mx addcom.de
addcom.deMX 10 mx11.unit.tiscali.de
addcom.deMX 10 mx12.unit.tiscali.de
addcom.deMX 10 mx10.unit.tiscali.de

Does any of their MX hosts work for any of you?

-- 
Ralf Hildebrandt ([EMAIL PROTECTED])  [EMAIL PROTECTED]
Postfix - Einrichtung, Betrieb und Wartung   Tel. +49 (0)30-450 570-155
http://www.arschkrebs.de  I'm looking for a job
Also, don't replace your computer's messages (which, to people who
know how to help you, are crystal clear) with your own summaries
(which are, as you know, coming from someone who doesn't understand
the situation). If the messages take a lot of space, post them on the
web.
Try to avoid providing the answer you _think_ we are after _instead_
of the one we actually asked for. It's usually okay to do it in
supplement (provided it's clear which is which), but avoid doing it
_instead_.

amavisd-new with dkimproxy

[kemas]

Hi All,

can someone give me light on this, e
I followed http://www.ijs.si/software/amavisd/amavisd-new-docs.html 
about dkim signing,
the doc talk about it can be achieve the same with dkimproxy but I 
google around but still can figure it out how to make it work

like that.

Perhaps I'm doing damn wrong here please point me out
My setup is postfix 2.5.5 with amavisd-new 2.6.1

External mail ---  smtp:10024 --- smtp:10025
- external mail came in
- caught by postfix filter to be sent to amavis on port 10024,
- enter External policy bank do some work
- and goes to port 10025 fo reinjection to postfix

Internal mail  --- smtp:10026  
dkimproxy_out:4445 -- smtp:10027

- internal mail came in, sent to amavis on port 10026
- enter 10026 policy bank do some work
- goes to dkimproxy_out on port 4445
- then dkimproxy reinject the mail back to postfix on port 10027

did I break anything?

thx

OT: Sender Header

[Neil]

At what point does the Sender:  header usually get added to the mail?

Because some (and so far the only pattern is It shows up when  
subscribing to the SpamAssassin Mailing List.) of my mails at getting  
that header attached (and with a bad address) and it's annoying me...


Sorry for being off-topic; but I'm just not sure where to ask.

Thanks,
-N.

Newbie question

[kyoku cocinillas]

Hi,

Theres something that i dont have very clear. I know in everywhere is
recommended to have a fully qualified domain name for your system if you
intend to make it a mail server.
Now my question is: if is going to be an internal mail server, and the
domains will be hosted virtually using mysql, is it necessary to still
have an FQDN for the system? or will postfix be allright with the domain
name info stored in the database?

I am asking this cause the idea is to have a dedicated server in a
datacenter that basically serves as primary MX, and then the internal
server inhouse which will retrieve the email from the primary MX and
will server the internal network.

I dont know if i explain right, i  am having a missconception problem i
believe, could someone clarify please?, thanks in advance.

regards,

Re: Questions about dedicated transport

[Wietse Venema]

Ralf Hildebrandt:
  Exemple :
  
  smtp unix-   -   n   -   100   smtp
-o myhostname=server1
  way1 unix-   -   n   -   100   smtp
-o myhostname=server2
  way2 unix-   -   n   -   100   smtp
-o myhostname=server3
  
  Now, i am working on a solution for associate a processus smtpd to a 
  process smtp.
 
 That's not possible. Use multiple instances.

Multiple MTA personalities are currently not supported in Postfix.

Even -o content_filter=way1: etc. comand-line options would not
provide correct MTA behavior, for example, with non-delivery
notifications or non-SMTP destinations. Postfix would have to store
the MTA name in the queue file and pass it around in the internal
client-server protocols.

Wietse

Re: Questions about dedicated transport

[Wietse Venema]

Wietse Venema:
 Ralf Hildebrandt:
   Exemple :
   
   smtp unix-   -   n   -   100   smtp
 -o myhostname=server1
   way1 unix-   -   n   -   100   smtp
 -o myhostname=server2
   way2 unix-   -   n   -   100   smtp
 -o myhostname=server3
   
   Now, i am working on a solution for associate a processus smtpd to a 
   process smtp.
  
  That's not possible. Use multiple instances.

Multiple instances will do the job.

 Multiple MTA personalities are currently not supported in Postfix.

That is, one set of main.cf/master.cf files that simulates
multiple mail serves.

 Even -o content_filter=way1: etc. comand-line options would not
 provide correct MTA behavior, for example, with non-delivery
 notifications or non-SMTP destinations. Postfix would have to store
 the MTA name in the queue file and pass it around in the internal
 client-server protocols.
 
   Wietse
 
 

Re: Split MX and user name lookup

[Nikita Kipriyanov]

Michael Moritz пишет:

On Wednesday 05 November 2008 14:41:42 mouss wrote:
  

Thanks. Any idea how to populate /etc/postfix/relay_recipients with all
valid usernames?
  

rsync, mysql, postgres, ldap, ... etc.



Thanks but I have quite a number of different soures for usernames (sql, 
aliases, virtusers, ..). Just thinking since one machine is already running 
postfix and knows all the valid reciepient names isn't there a simple way 
of getting that full list - surely it must be stored somewhere?
  

It is stored on that one machine, in different sources (sql, aliases,
virtusers).
Postfix doesn't aggregate this information, it queries sql, db-files etc.

So, if you want to have it aggregated, you must do it yourself.

Re: Split MX and user name lookup

[Wietse Venema]

Nikita Kipriyanov:
 Michael Moritz ?:
  On Wednesday 05 November 2008 14:41:42 mouss wrote:

  Thanks. Any idea how to populate /etc/postfix/relay_recipients with all
  valid usernames?

  rsync, mysql, postgres, ldap, ... etc.
  
 
  Thanks but I have quite a number of different soures for usernames (sql, 
  aliases, virtusers, ..). Just thinking since one machine is already running 
  postfix and knows all the valid reciepient names isn't there a simple way 
  of getting that full list - surely it must be stored somewhere?

 It is stored on that one machine, in different sources (sql, aliases,
 virtusers).
 Postfix doesn't aggregate this information, it queries sql, db-files etc.
 
 So, if you want to have it aggregated, you must do it yourself.

The only aggregation method for this purpose that's built into
Postfix is called reject_unverified_recipient, and this builds
the table one query at a time.

Wietse

Re: Split MX and user name lookup

[Michael Moritz]

On Thursday 06 November 2008 14:03:09 Wietse Venema wrote:
 Nikita Kipriyanov:
  Michael Moritz ?:
   On Wednesday 05 November 2008 14:41:42 mouss wrote:
   Thanks. Any idea how to populate /etc/postfix/relay_recipients with
   all valid usernames?
  
   rsync, mysql, postgres, ldap, ... etc.
  
   Thanks but I have quite a number of different soures for usernames
   (sql, aliases, virtusers, ..). Just thinking since one machine is
   already running postfix and knows all the valid reciepient names
   isn't there a simple way of getting that full list - surely it must be
   stored somewhere?
 
  It is stored on that one machine, in different sources (sql, aliases,
  virtusers).
  Postfix doesn't aggregate this information, it queries sql, db-files etc.
 
  So, if you want to have it aggregated, you must do it yourself.

 The only aggregation method for this purpose that's built into
 Postfix is called reject_unverified_recipient, and this builds
 the table one query at a time.

Thjanks Wietse and Nikita. I currently use reject_unverified_recipient. There 
are two (or maybe three) problems I have with this though: First if an 
address hasn't been checked it gives a 4xx while checking on the main 
machine - I'm already using gps for greylisting and this is an additional 
delay and the machines are even physically next to each other and secondly, 
since I use a recipients cache file that will grow and need maintaining. (The 
third problem would be having to delete (?) the cache every time users, 
aliases, sql, etc are altered on the mail/smtp machine). Could postfix offer 
some sort of verify this address service / socket / port?

Thanks

mimo

Re: OT: Sender Header

[Brian Evans - Postfix List]

Neil wrote:
 At what point does the Sender:  header usually get added to the mail?

 Because some (and so far the only pattern is It shows up when
 subscribing to the SpamAssassin Mailing List.) of my mails at getting
 that header attached (and with a bad address) and it's annoying me...

The Sender header is optional when Sender and From are equal.
It is added by the mail client, not the server.

See RFC2822: http://www.apps.ietf.org/rfc/rfc2822.html#sec-3.6.2

Brian

Re: Split MX and user name lookup

[Nikita Kipriyanov]

Michael Moritz пишет:
Thjanks Wietse and Nikita. I currently use reject_unverified_recipient. There 
are two (or maybe three) problems I have with this though: First if an 
address hasn't been checked it gives a 4xx while checking on the main 
machine - I'm already using gps for greylisting and this is an additional 
delay and the machines are even physically next to each other and secondly, 
since I use a recipients cache file that will grow and need maintaining. (The 
third problem would be having to delete (?) the cache every time users, 
aliases, sql, etc are altered on the mail/smtp machine). Could postfix offer 
some sort of verify this address service / socket / port?
  
Don't you think that simply using same sql database (and same files, 
through nfs) on the relay machine might be a better idea, than copying 
information and maintaining cache?


If these machines are physically close, it would be enough fast.

Re: tiscali hostsed email domains unreachable? Or is it just me?

[Robert Schetterer]

Ralf Hildebrandt schrieb:
 # qshape deferred |head
  T  5 10 20 40 80 160 320 640 1280 1280+
  TOTAL 127  3  0  2  2  1   0   3   2 2292
 worldonline.de  41  0  0  0  0  0   0   1   2 1028
  surfeu.de  16  0  0  0  0  0   0   2   0  113
 tiscali.de  10  0  0  0  0  0   0   0   0  2 8
 planet-interkom.de   5  0  0  0  0  0   0   0   0  2 3
  addcom.de   3  0  0  0  0  0   0   0   0  0 3
 
 ~# host -t mx worldonline.de
 worldonline.de   MX   10 mx12.unit.tiscali.de
 worldonline.de   MX   10 mx10.unit.tiscali.de
 worldonline.de   MX   10 mx11.unit.tiscali.de
 
 ~# host -t mx surfeu.de
 surfeu.deMX   10 mx10.unit.tiscali.de
 surfeu.deMX   10 mx12.unit.tiscali.de
 surfeu.deMX   10 mx11.unit.tiscali.de
 
 ~# host -t mx tiscali.de
 tiscali.de   MX   10 mx12.unit.tiscali.de
 tiscali.de   MX   10 mx11.unit.tiscali.de
 tiscali.de   MX   10 mx10.unit.tiscali.de
 
 ~# host -t mx planet-interkom.de
 planet-interkom.de   MX   10 mx10.unit.tiscali.de
 planet-interkom.de   MX   10 mx12.unit.tiscali.de
 planet-interkom.de   MX   10 mx11.unit.tiscali.de
 
 ~# host -t mx addcom.de
 addcom.deMX   10 mx11.unit.tiscali.de
 addcom.deMX   10 mx12.unit.tiscali.de
 addcom.deMX   10 mx10.unit.tiscali.de
 
 Does any of their MX hosts work for any of you?
 
youre right tiscali domains are offline ,company was sold to freenet
nobody knows why they dont delete their mx s
i advice to create error transports for those domains

-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

Split MX and user name lookup part II

[Michael Moritz]

This is a problem we came upon while setting up the split MX (described 
earlier on this list). On the the smtp gateway I have this in master.cf

smtp  inet  n   -   -   -   20 smtpd
-o cleanup_service_name=pre-cleanup
-o smtpd_proxy_filter=127.0.0.1:10024
-o smtpd_client_connection_count_limit=10
-o content_filter=
#-o content_filter=127.0.0.1:10024

The proxy filter is amavis doing spamassassin. It's based on some docs I found 
about pre queue insertion content inspection on postfix.org. The idea is to 
eliminate backscatter.
The (well known) problem with this is that once the machine gets busy messages 
start getting queued via the secondary MX, introducing additional delays. I 
think it would be a killer feature of postfix if it started doing something 
like this: once all the smtp processes (20 above) are in use switch to 
accepting smtp connections but doing content filtering (e.g. similar to the 
line commented out above). Is this already feasible in postfix? 

Thanks for any replies

mimo

Re: tiscali hostsed email domains unreachable? Or is it just me?

[Ralf Hildebrandt]

* Robert Schetterer [EMAIL PROTECTED]:

 youre right tiscali domains are offline ,company was sold to freenet
 nobody knows why they dont delete their mx s
 i advice to create error transports for those domains

tiscali.de  error:Tiscali hat den Maildienst zu tiscali.de zum 
15.10.2008 eingestellt
12move.de   error:Tiscali hat den Maildienst zu 12move.de zum 
15.10.2008 eingestellt
planet-interkom.de  error:Tiscali hat den Maildienst zu planet-interkom.de 
zum 15.10.2008 eingestellt
addcom.de   error:Tiscali hat den Maildienst zu addcom.de zum 
15.10.2008 eingestellt
surfeu.de   error:Tiscali hat den Maildienst zu surfeu.de zum 
15.10.2008 eingestellt
nikocity.de error:Tiscali hat den Maildienst zu nikocity.de zum 
15.10.2008 eingestellt
worldonline.de  error:Tiscali hat den Maildienst zu worldonline.de zum 
15.10.2008 eingestellt
swp-net.de  error:Tiscali hat den Maildienst zu swp-net.de zum 
15.10.2008 eingestellt
tiscalimail.de  error:Tiscali hat den Maildienst zu tiscalimail.de zum 
15.10.2008 eingestellt
tiscalinet.de   error:Tiscali hat den Maildienst zu tiscalinet.de zum 
15.10.2008 eingestellt

-- 
Ralf Hildebrandt ([EMAIL PROTECTED])  [EMAIL PROTECTED]
Postfix - Einrichtung, Betrieb und Wartung   Tel. +49 (0)30-450 570-155
http://www.arschkrebs.de  I'm looking for a job
   Three OS for the Hackers-Kings under the sky,
Seven for the Business-Lords in their halls of stone,
Nine for Mortal Lamdba-Users doomed to die,
 One for the Dark Lord on his dark throne,
 In the Land of Redmond where the FUD lie.
   One OS to rule them all, One OS to trick them,
One OS to bring them all and in the darkness bind them,
 In the Land of Redmond where the FUD lie.

Re: tiscali hostsed email domains unreachable? Or is it just me?

[Robert Schetterer]

Ralf Hildebrandt schrieb:
 # qshape deferred |head
  T  5 10 20 40 80 160 320 640 1280 1280+
  TOTAL 127  3  0  2  2  1   0   3   2 2292
 worldonline.de  41  0  0  0  0  0   0   1   2 1028
  surfeu.de  16  0  0  0  0  0   0   2   0  113
 tiscali.de  10  0  0  0  0  0   0   0   0  2 8
 planet-interkom.de   5  0  0  0  0  0   0   0   0  2 3
  addcom.de   3  0  0  0  0  0   0   0   0  0 3
 
 ~# host -t mx worldonline.de
 worldonline.de   MX   10 mx12.unit.tiscali.de
 worldonline.de   MX   10 mx10.unit.tiscali.de
 worldonline.de   MX   10 mx11.unit.tiscali.de
 
 ~# host -t mx surfeu.de
 surfeu.deMX   10 mx10.unit.tiscali.de
 surfeu.deMX   10 mx12.unit.tiscali.de
 surfeu.deMX   10 mx11.unit.tiscali.de
 
 ~# host -t mx tiscali.de
 tiscali.de   MX   10 mx12.unit.tiscali.de
 tiscali.de   MX   10 mx11.unit.tiscali.de
 tiscali.de   MX   10 mx10.unit.tiscali.de
 
 ~# host -t mx planet-interkom.de
 planet-interkom.de   MX   10 mx10.unit.tiscali.de
 planet-interkom.de   MX   10 mx12.unit.tiscali.de
 planet-interkom.de   MX   10 mx11.unit.tiscali.de
 
 ~# host -t mx addcom.de
 addcom.deMX   10 mx11.unit.tiscali.de
 addcom.deMX   10 mx12.unit.tiscali.de
 addcom.deMX   10 mx10.unit.tiscali.de
 
 Does any of their MX hosts work for any of you?
 

as i mailed before these domains are offline
tiscali was bought by freenet and stopped mail service
mxs werent deleted ( who knows why )
advice to create error transports

await the same for
imail.de und eplus-online.de

imail.de goes to gmx but users have to
inform gmx to migrate their mail adresses
as real world this will lead to many bounces by ignorant mailusers

-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

Re: Split MX and user name lookup

[Wietse Venema]

Michael Moritz ?:
 since I use a recipients cache file that will grow and need maintaining. (The 
 third problem would be having to delete (?) the cache every time users, 
 aliases, sql, etc are altered on the mail/smtp machine). Could postfix offer 
 some sort of verify this address service / socket / port?

You don't have to delete the cache when the user is changed.

The socket is called SMTP, and the command is called RCPT TO. 
It makes no sense to implement another service for this.

Wietse

Re: Split MX and user name lookup part II

[mouss]

Michael Moritz wrote:
This is a problem we came upon while setting up the split MX (described 
earlier on this list). On the the smtp gateway I have this in master.cf


smtp  inet  n   -   -   -   20 smtpd
-o cleanup_service_name=pre-cleanup
-o smtpd_proxy_filter=127.0.0.1:10024
-o smtpd_client_connection_count_limit=10
-o content_filter=
#-o content_filter=127.0.0.1:10024

The proxy filter is amavis doing spamassassin. It's based on some docs I found 
about pre queue insertion content inspection on postfix.org. The idea is to 
eliminate backscatter.
The (well known) problem with this is that once the machine gets busy messages 
start getting queued via the secondary MX, introducing additional delays. I 
think it would be a killer feature of postfix if it started doing something 
like this: once all the smtp processes (20 above) are in use switch to 
accepting smtp connections but doing content filtering (e.g. similar to the 
line commented out above). Is this already feasible in postfix? 



don't use a proxy_filter unless you have enough resources and/or the 
proxy_filter is fast.

Add sender IP on the header

[Iker Perez de Albeniz]

Hi,

I'am trying to add a new header to all input messages with a label like
this:

X-Send-IP: senderip

i have tried something like this (in main.cf):
smtp_data_restrictions = check_lcient_acces cidr:/etc/postfix/add_header

and add_header file is like :
0.0.0.0/0 PREPEND  X-Send-IP: ${client_addr}

but dont work..

any idea?

Re: Add sender IP on the header

[Victor Duchovni]

On Thu, Nov 06, 2008 at 04:20:25PM +0100, Iker Perez de Albeniz wrote:

 Hi,
 
 I'am trying to add a new header to all input messages with a label like
 this:
 
 X-Send-IP: senderip
 
 i have tried something like this (in main.cf):
 smtp_data_restrictions = check_lcient_acces cidr:/etc/postfix/add_header
 
 and add_header file is like :
 0.0.0.0/0 PREPEND  X-Send-IP: ${client_addr}

There is mention of ${client_addr} in access(5) documentation, you
are making this up, and Postfix only implements what's documented.

PCRE and regexp tables can interpolate data from the input key into
the result:

smtpd_data_restrictions =
check_client_access pcre:/etc/postfix/add_header.pcre

add_header.pcre:
# Client name, not an IPv4/IPv6 address:
/[^\d.:]/   DUNNO

# Otherwise:
/^(.*)$/PREPEND X-Send-IP: ${1}

-- 
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
mailto:[EMAIL PROTECTED]

If my response solves your problem, the best way to thank me is to not
send an it worked, thanks follow-up. If you must respond, please put
It worked, thanks in the Subject so I can delete these quickly.

Re: tiscali hostsed email domains unreachable? Or is it just me?

[Robert Schetterer]

Victor Duchovni schrieb:
 On Thu, Nov 06, 2008 at 03:50:41PM +0100, Ralf Hildebrandt wrote:
 
 tiscali.de  error:Tiscali hat den Maildienst zu tiscali.de zum 
 15.10.2008 eingestellt
 
 Better version for Postfix 2.3+ (multi-line is just for readability):
 
 tiscali.de  
   error:5.1.2 Tiscali hat den Maildienst zu 
 tiscali.de zum 15.10.2008 eingestellt
 
 http://tools.ietf.org/html/rfc3463#section-3.2
 
or maybe something like this should work too

check_recipient_mx_access type:table
Search the specified access(5) database for the MX hosts for the
RCPT TO domain, and execute the corresponding action. Note: a result of
OK is not allowed for safety reasons. Instead, use DUNNO in order to
exclude specific hosts from blacklists. This feature is available in
Postfix 2.1 and later.


smtpd_recipient_restrictions = reject_non_fqdn_recipient,
   check_recipient_mx_access
hash:/etc/postfix/tiscali_recipient_mx_access,

...

/etc/postfix/tiscali_recipient_mx_access

mx10.unit.tiscali.de  REJECT tiscali mailservers are offline
mx11.unit.tiscali.de  REJECT tiscali mailservers are offline
mx12.unit.tiscali.de  REJECT tiscali mailservers are offline


-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

Re: tiscali hostsed email domains unreachable? Or is it just me?

[Victor Duchovni]

On Thu, Nov 06, 2008 at 04:33:48PM +0100, Robert Schetterer wrote:

 Victor Duchovni schrieb:
  On Thu, Nov 06, 2008 at 03:50:41PM +0100, Ralf Hildebrandt wrote:
  
  tiscali.de  error:Tiscali hat den Maildienst zu tiscali.de zum 
  15.10.2008 eingestellt
  
  Better version for Postfix 2.3+ (multi-line is just for readability):
  
  tiscali.de  
  error:5.1.2 Tiscali hat den Maildienst zu 
tiscali.de zum 15.10.2008 eingestellt
  
  http://tools.ietf.org/html/rfc3463#section-3.2
  
 or maybe something like this should work too
 
 check_recipient_mx_access type:table
 Search the specified access(5) database for the MX hosts for the
 RCPT TO domain, and execute the corresponding action. Note: a result of
 OK is not allowed for safety reasons. Instead, use DUNNO in order to
 exclude specific hosts from blacklists. This feature is available in
 Postfix 2.1 and later.

No, the original proposal is better, because it also correctly handles
bounces with sender addresses in the domains in question, .forward files,
... and refuses with the appropriate DSN code. Transport table entries
that resolve to the error: transport automatically lead to corresponding
SMTP rejections of recipients in the problem domain.

-- 
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
mailto:[EMAIL PROTECTED]

If my response solves your problem, the best way to thank me is to not
send an it worked, thanks follow-up. If you must respond, please put
It worked, thanks in the Subject so I can delete these quickly.

Re: Newbie question

[kyoku cocinillas]

Gustav Meirinho escribió:
 No problem: Postifix will work properly as long as there is transport
 configured for each non FQDN domain and reject_non_fqdn_recipient option
 isn't enabled.
 
 
 kyoku cocinillas escreveu:
 Hi,

 Theres something that i dont have very clear. I know in everywhere is
 recommended to have a fully qualified domain name for your system if you
 intend to make it a mail server.
 Now my question is: if is going to be an internal mail server, and the
 domains will be hosted virtually using mysql, is it necessary to still
 have an FQDN for the system? or will postfix be allright with the domain
 name info stored in the database?

 I am asking this cause the idea is to have a dedicated server in a
 datacenter that basically serves as primary MX, and then the internal
 server inhouse which will retrieve the email from the primary MX and
 will server the internal network.

 I dont know if i explain right, i  am having a missconception problem i
 believe, could someone clarify please?, thanks in advance.

 regards,

   

Thanks for the answer!

autoresponder for virtual users

[Martin Strand]

Hi all.
I'm looking to implement an auto-response mechanism which:
- only sends responses to senders who pass SPF checks
- responds from certain virtual aliases as well as certain virtual users
- doesn't respond to mailing lists
- finds the response message/subject through mysql
- supports per-recipient charset (iso-8859-15 or utf-8)
- doesn't respond several times to the same sender within a certain time  
period


Searching the list archive and Google turned up yaa as the best  
alternative, but it seems to have disappeared :(

http://frost.ath.cx/software/yaa/

Are there any other good options?
I suppose I could write something myself, but this feels like a fairly  
common thing to do so I was hoping someone else had already done it.

Re: Newbie question

[kyoku cocinillas]

mouss escribió:
 kyoku cocinillas wrote:
 Hi,

 
 next time, please chose a better subject. if everyone sets Subject: I
 have a question, then the subject becomes useless...

I am very sorry, i did not realize, you are completely right

 
 Theres something that i dont have very clear. I know in everywhere is
 recommended to have a fully qualified domain name for your system if you
 intend to make it a mail server.
 Now my question is: if is going to be an internal mail server, and the
 domains will be hosted virtually using mysql, is it necessary to still
 have an FQDN for the system?
 
 if this system won't connect to external mail servers, do whatever you
 want.
 
 if it will connect to external mail servers, it's not internal and it
 must comply. In paticular, the HELO name must be fqdn and must resolve
 (preferably to the external IP as seen from outside). By default, this
 helo name is $myhostname.
 

It will relay to our dedicated server for sending mail, that will be all

 
 or will postfix be allright with the domain
 name info stored in the database?
 
 not sure what you mean. if you mean the default domain, this is
 $mydomain and can't be stored in a map. if you mean virtual domains,
 yes, you can store them in mysql or other.
 
I meant virtual domains in mysql, yes.


 I am asking this cause the idea is to have a dedicated server in a
 datacenter that basically serves as primary MX, and then the internal
 server inhouse which will retrieve the email from the primary MX and
 will server the internal network.

 I dont know if i explain right, i  am having a missconception problem i
 believe, could someone clarify please?, thanks in advance.

 
 don't know. it looks like you confuse the domain of the machine
 (mydomain, myhostname) and the (virtual) domains used in email
 addresses. These are different concepts.
 
My question was regarding the domain of the machine, which i dont need
to show, just the virtual domains in mysql are the ones that suppose to
actually be used by postfix, am i correct?

Re: Add sender IP on the header

[Iker Perez de Albeniz]

an other quiestion.. abaut this postfix..

why sometimes i get an IP an other a client name??? is ther any way to force
postfix to resolve allways the names to get te ips? for example in
uceprotect DNSBls system they give you that script:

--
#!/bin/sh
cd /tmp
# For Level 1 use this line
/usr/bin/wget -N http://wget-mirrors.uceprotect.net/uce-pfsm-1/access.gz;
# For Level 2 use this line
#/usr/bin/wget -N http://wget-mirrors.uceprotect.net/uce-pfsm-2/access.gz;
# For Level 3 use this line
#/usr/bin/wget -N http://wget-mirrors.uceprotect.net/uce-pfsm-3/access.gz;
cp /tmp/access.gz /etc/postfix/access.gz
cd /etc/postfix
gzip -d -f access.gz
/usr/sbin/postmap /etc/postfix/access
/usr/sbin/postfix reload


the files are like this:

--
03.78.40.189 571 IP 03.78.40.189 is LEVEL 1 listed at UCEPROTECT-NETWORK.
4.36.109.30 571 IP 4.36.109.30 is LEVEL 1 listed at UCEPROTECT-NETWORK.
4.58.120.34 571 IP 4.58.120.34 is LEVEL 1 listed at UCEPROTECT-NETWORK.
4.59.17.100 571 IP 4.59.17.100 is LEVEL 1 listed at UCEPROTECT-NETWORK.
4.59.24.34 571 IP 4.59.24.34 is LEVEL 1 listed at UCEPROTECT-NETWORK.


this wont work if the value we get is a hostname... isn't it?

2008/11/6 Victor Duchovni 

  On Thu, Nov 06, 2008 at 04:20:25PM +0100, Iker Perez de Albeniz wrote:

  Hi,
 
  I'am trying to add a new header to all input messages with a label like
  this:
 
  X-Send-IP: senderip
 
  i have tried something like this (in main.cf):
  smtp_data_restrictions = check_lcient_acces cidr:/etc/postfix/add_header
 
  and add_header file is like :
  0.0.0.0/0 PREPEND  X-Send-IP: ${client_addr}

 There is mention of ${client_addr} in access(5) documentation, you
 are making this up, and Postfix only implements what's documented.

 PCRE and regexp tables can interpolate data from the input key into
 the result:

smtpd_data_restrictions =
check_client_access pcre:/etc/postfix/add_header.pcre

add_header.pcre:
# Client name, not an IPv4/IPv6 address:
/[^\d.:]/   DUNNO

# Otherwise:
/^(.*)$/PREPEND X-Send-IP: ${1}

 --
Viktor.

 Disclaimer: off-list followups get on-list replies or get ignored.
 Please do not ignore the Reply-To header.

 To unsubscribe from the postfix-users list, visit
 http://www.postfix.org/lists.html or click the link below:
 mailto:[EMAIL PROTECTED]

 If my response solves your problem, the best way to thank me is to not
 send an it worked, thanks follow-up. If you must respond, please put
 It worked, thanks in the Subject so I can delete these quickly.

Re: autoresponder for virtual users

[Robert Schetterer]

Martin Strand schrieb:
 Hi all.
 I'm looking to implement an auto-response mechanism which:
 - only sends responses to senders who pass SPF checks
 - responds from certain virtual aliases as well as certain virtual users
 - doesn't respond to mailing lists
 - finds the response message/subject through mysql
 - supports per-recipient charset (iso-8859-15 or utf-8)
 - doesn't respond several times to the same sender within a certain time
 period
 
 Searching the list archive and Google turned up yaa as the best
 alternative, but it seems to have disappeared :(
 http://frost.ath.cx/software/yaa/
 
 Are there any other good options?
 I suppose I could write something myself, but this feels like a fairly
 common thing to do so I was hoping someone else had already done it.

hi, in postfix admin you find a perl vaccation script
for virtual users ( uses transport )
http://sourceforge.net/projects/postfixadmin/
this dont report several times as well as to mailling lists ( if their
headers are known but i am not sure here )
it may not be exactly what you looking for but should target you in the
right way

SPF check you have to implement by your own
there is a policy server in perl which you might can use
after all i wouldnt recommend including that explicit in a autoresponder

i modified the script not to answer to spam allready marked mails
which basicly does a good job ( spf weight an check are allready done
in the smtp income stage and spamassassin )

-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

Re: Add sender IP on the header

[mouss]

Iker Perez de Albeniz wrote:

an other quiestion.. abaut this postfix..


if it's another question, better start another thread. or at least, trim 
the old conversation.




why sometimes i get an IP an other a client name??? 


if you mean in access checks, postfix will generally lookup both. first 
the hostname, then the IP. This should be ok for most purpuses. to only 
check IPs, use a cidr map.


and if you use a cidr map, do not postmap it.



is ther any way to force
postfix to resolve allways the names to get te ips?


there is no point to resolve the name. The IP is known before the name 
is! (the name is obtained by resolving the IP). you want cidr.



for example in
uceprotect DNSBls system they give you that script:



1- if this is a real mail server, don't use uceprotect. it is unsafe.

2- read about reject_rbl_client and its friends.

3- to download uceprotect lists, use rsync instead of wget:

rsync --times -azv \
 rsync-mirrors.uceprotect.net::RBLDNSD-ALL/dnsbl-2.uceprotect.net \
 .


4- the files need to be converted to a format usable by postfix. 
something like:


awk '{print $1   REJECT listed in uceprotect blah blah}' $file  
uceprotect.tmp  mv uceprotect.tmp uceprotect.cidr

sending a copy of mail to another user..

[Mumtaz Ali]

 
Hi,
 
 i want to duplicate mails of a specific  email account.. like i have mail 
address
 
[EMAIL PROTECTED]  and i want when [EMAIL PROTECTED] send an email to an 
external email account
a copy of email should be send to [EMAIL PROTECTED] and i dont' want [EMAIL 
PROTECTED] to know about this..
plz tell me how i can make it possible.. ??
 
 

_
Windows Live Hotmail now works up to 70% faster.
http://windowslive.com/Explore/Hotmail?ocid=TXT_TAGLM_WL_hotmail_acq_faster_112008

Re: sending a copy of mail to another user..

[Nikita Kipriyanov]

Mumtaz Ali пишет:
 
Hi,
 
 i want to duplicate mails of a specific  email account.. like i have mail address
 
[EMAIL PROTECTED]  and i want when [EMAIL PROTECTED] send an email to an external email account

a copy of email should be send to [EMAIL PROTECTED] and i dont' want [EMAIL 
PROTECTED] to know about this..
plz tell me how i can make it possible.. ??
  

use recipient_bcc_maps

Re: sending a copy of mail to another user..

[Nikita Kipriyanov]

Nikita Kipriyanov пишет:

Mumtaz Ali пишет:
 
Hi,
 
 i want to duplicate mails of a specific  email account.. like i have 
mail address
 
[EMAIL PROTECTED]  and i want when [EMAIL PROTECTED] send an email to 
an external email account
a copy of email should be send to [EMAIL PROTECTED] and i dont' want 
[EMAIL PROTECTED] to know about this..

plz tell me how i can make it possible.. ??
  

use recipient_bcc_maps

It's a mistake. In this case sender_bcc_maps should be used. Sorry.

Re: OT: Sender Header

[Neil]

On 6 Nov 2008, at 10:07, mouss wrote:


Neil wrote:


Because some (and so far the only pattern is It shows up when  
subscribing to the SpamAssassin Mailing List.) of my mails at  
getting that header attached (and with a bad address) and it's  
annoying me...



what do you exactly mean? almost all mailing lists set this header  
and we have no problem with that. if you are annoyed by the on  
behalf of..., replace your mail server(s) and/or mail user agents  
with ones that don't annoy you...


I'm not bothered by Sender being added by mailing lists, etc.  But  
it's that the Sender header contains one of my email addresses, and  
not the one I'm actually sending from...


On 6 Nov 2008, at 09:23, Brian Evans - Postfix List wrote:


Neil wrote:
At what point does the Sender:  header usually get added to the  
mail?


Because some (and so far the only pattern is It shows up when
subscribing to the SpamAssassin Mailing List.) of my mails at  
getting

that header attached (and with a bad address) and it's annoying me...


The Sender header is optional when Sender and From are equal.
It is added by the mail client, not the server.


Thanks, I'll turn my attention there then.

Message-id logging (include rfc822-comments?)

[Victor Duchovni]

When a message-id is followed by rfc822 comment text:

 Message-Id: [EMAIL PROTECTED] (test)

 2008-11-06T13:13:35-0500 amnesiac postfix/cleanup[10832]: AF24675A3D:
 message-id=[EMAIL PROTECTED] (test)

postfix logs both the id and the comment. This is perhaps more
robust, in case the header is mangled, and most of the unique data
is in the comment. On the other hand, for well-formed headers, the
comment is not part of the message-id: for example:

2008-11-06T01:11:19-0500 amnesiac postfix/cleanup[13756]: AE620EF8001:
message-id=[EMAIL PROTECTED] (added by [EMAIL PROTECTED])

Should Postfix make any effort to log the above message differently?

-- 
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
mailto:[EMAIL PROTECTED]

If my response solves your problem, the best way to thank me is to not
send an it worked, thanks follow-up. If you must respond, please put
It worked, thanks in the Subject so I can delete these quickly.

Address verification

[Robert Fitzpatrick]

I have double-bounce messages in the queue, not sure what that is all
about. For instance, to Yahoo addresses. Is this related to the fact
that I am doing AV to those addresses?

-- 
Robert

Re: Address verification

[Brian Evans - Postfix List]

Robert Fitzpatrick wrote:
 I have double-bounce messages in the queue, not sure what that is all
 about. For instance, to Yahoo addresses. Is this related to the fact
 that I am doing AV to those addresses?
   

Logs? 'postconf -n'?

Do you mean reject_unverified_recipient?
It is unwise to verify the entire internet.  Some places may blacklist
you for doing so.
The best use of such a restriction is for domains you control when you
cannot list a recipients in a map.

Brian

Re: Message-id logging (include rfc822-comments?)

[Wietse Venema]

Victor Duchovni:
 
 When a message-id is followed by rfc822 comment text:
 
  Message-Id: [EMAIL PROTECTED] (test)
 
  2008-11-06T13:13:35-0500 amnesiac postfix/cleanup[10832]: AF24675A3D:
message-id=[EMAIL PROTECTED] (test)
 
 postfix logs both the id and the comment. This is perhaps more
 robust, in case the header is mangled, and most of the unique data
 is in the comment.

Indeed, the current implementation is conservative; it does not
lose information in the event of malformed content (it does,
however, neutralize non-printable characters before logging).

 On the other hand, for well-formed headers, the
 comment is not part of the message-id: for example:
 
 2008-11-06T01:11:19-0500 amnesiac postfix/cleanup[13756]: AE620EF8001:
   message-id=[EMAIL PROTECTED] (added by [EMAIL PROTECTED])
 
 Should Postfix make any effort to log the above message differently?

How would one decide that a (message-id) header is not mangled?
This would require parsing the string, counting the address
tokens, and if there is only one address token, use that as the
logged message ID, otherwise log the entire original string.

But I wonder if it is really worth the trouble.

Wietse

Re: Address verification

[Wietse Venema]

Robert Fitzpatrick:
 I have double-bounce messages in the queue, not sure what that is all
 about. For instance, to Yahoo addresses. Is this related to the fact
 that I am doing AV to those addresses?

If the message has status=deliverable or status=undeliverable,
then the message is an address probe: either it's sender/recipient
address verification, or it's mail queued with sendmail -bv.

If the status is sent, deferred or bounced then it is a
non-probe message.

Wietse

Re: Address verification

[Noel Jones]

Robert Fitzpatrick wrote:

I have double-bounce messages in the queue, not sure what that is all
about. For instance, to Yahoo addresses. Is this related to the fact
that I am doing AV to those addresses?



Recent postfix versions use the double-bounce address as the 
sender of address probes.


Sender address verification should be used carefully and 
selectively - some sites will consider probes to non-existent 
addresses a dictionary attack and block you.



--
Noel Jones

Re: OT: Sender Header

[Byung-Hee HWANG]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Brian Evans - Postfix List wrote:
[...]
 It is added by the mail client, not the server.

Can you please show me some example?

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.0 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkkTe7QACgkQsCouaZaxlv41EgCfZRSYzbsvJbY3aTmrEv9KgFv1
qz0AnRhuCPxqw4XfmaO32sxowubQ256y
=6I1x
-END PGP SIGNATURE-

Re: OT: Sender Header

[Wietse Venema]

Byung-Hee HWANG:
 Brian Evans - Postfix List wrote:
 [...]
  It is added by the mail client, not the server.
 
 Can you please show me some example?

RFC2822 section 3.6.2 has one example.
http://tools.ietf.org/html/rfc2822#section-3.6.2

Mailing lists (including this one) also provide a Sender: header.

Wietse

Re: autoresponder for virtual users

[Martin Strand]

On Thu, 06 Nov 2008 18:24:33 +0100, Robert Schetterer  
[EMAIL PROTECTED] wrote:



Martin Strand schrieb:

Hi all.
I'm looking to implement an auto-response mechanism which:
- only sends responses to senders who pass SPF checks
- responds from certain virtual aliases as well as certain virtual users
- doesn't respond to mailing lists
- finds the response message/subject through mysql
- supports per-recipient charset (iso-8859-15 or utf-8)
- doesn't respond several times to the same sender within a certain time
period

Searching the list archive and Google turned up yaa as the best
alternative, but it seems to have disappeared :(
http://frost.ath.cx/software/yaa/

Are there any other good options?
I suppose I could write something myself, but this feels like a fairly
common thing to do so I was hoping someone else had already done it.


hi, in postfix admin you find a perl vaccation script
for virtual users ( uses transport )
http://sourceforge.net/projects/postfixadmin/
this dont report several times as well as to mailling lists ( if their
headers are known but i am not sure here )
it may not be exactly what you looking for but should target you in the
right way

SPF check you have to implement by your own
there is a policy server in perl which you might can use
after all i wouldnt recommend including that explicit in a autoresponder

i modified the script not to answer to spam allready marked mails
which basicly does a good job ( spf weight an check are allready done
in the smtp income stage and spamassassin )


Thanks, Robert. Maybe I'll put something together myself using ideas from  
postfixadmin and yaa.

yaa 0.3.1 can still be found through archive.org.

Always being paranoid, I feel passing SPF is essential before sending  
anything back - what if a spammer starts sending from a spamtrap address,  
making my server send responses there? Yikes! :)


Martin

Recommendations?

[James Homuth]

Hey all,

I'm contemplating switching my email over to be hosted myself, and am
wondering what the best/easiest way to accomplish what I'm thinking to do
might be. Currently I don't have all that many email addresses on the
system, but that might change at some point soon. What I'd like to be able
to do, without going entirely into a deep level of complication, is to set
up a manner in which users can send/receive email without needing to have
shell access. I'm the only person who currently has/needs shell access in
our current situation, and I intend to make it the same when I make the
transition. I've done some googling, but 90% of the results I come up with
involve anything from your basic SQL implementation to postfixadmin plus
this or that plugin. MySQL is optional, but not a requirement so long as
Postfix can put the mail somewhere and Courier can pick it up from said
somewhere. Any suggestions/pointers would be helpful. Web interfaces are
again, an option but not required. It'd be nice, but if I can do same via
command line, I'm certainly not going to shy away from it. I look forward to
any help/hints/tricks.

Sincerely,
James Homuth

Re: Split MX and user name lookup part II

[Wietse Venema]

Michael Moritz:
 This is a problem we came upon while setting up the split MX (described 
 earlier on this list). On the the smtp gateway I have this in master.cf
 
 smtp  inet  n   -   -   -   20 smtpd
 -o cleanup_service_name=pre-cleanup
 -o smtpd_proxy_filter=127.0.0.1:10024
 -o smtpd_client_connection_count_limit=10
 -o content_filter=
 #-o content_filter=127.0.0.1:10024

To switch between before/after filters depending on load, use
the Postfix 2.5 stress-dependent feature.

smtp  inet  n   -   -   -   20 smtpd
-o smtpd_proxy_filter=${stress:127.0.0.1:10024}
-o content_filter=${stress?127.0.0.1:10024}

This, of course, requires that the filter can handle both cases.
In particular, the filter cannot reject mail.

There are patches that back-port stress-dependent behavior to
earlier Postfix releases. See http://www.postfix.org/downloads.html.

Wietse

Re: OT: Sender Header

[Neil]

On 6 Nov 2008, at 13:47, Neil wrote:

On 6 Nov 2008, at 09:23, Brian Evans - Postfix List wrote:

Neil wrote:
At what point does the Sender:  header usually get added to the  
mail?


Because some (and so far the only pattern is It shows up when
subscribing to the SpamAssassin Mailing List.) of my mails at  
getting
that header attached (and with a bad address) and it's annoying  
me...



The Sender header is optional when Sender and From are equal.
It is added by the mail client, not the server.


Thanks, I'll turn my attention there then.



By pure luck, I had an epiphany and figured it out.

Thank you guys for your help (and for assuring me it wasn't Postfix).

-N.

Re: Split MX and user name lookup part II

[Noel Jones]

Wietse Venema wrote:

Michael Moritz:
This is a problem we came upon while setting up the split MX (described 
earlier on this list). On the the smtp gateway I have this in master.cf


smtp  inet  n   -   -   -   20 smtpd
-o cleanup_service_name=pre-cleanup
-o smtpd_proxy_filter=127.0.0.1:10024
-o smtpd_client_connection_count_limit=10
-o content_filter=
#-o content_filter=127.0.0.1:10024


To switch between before/after filters depending on load, use
the Postfix 2.5 stress-dependent feature.

smtp  inet  n   -   -   -   20 smtpd
-o smtpd_proxy_filter=${stress:127.0.0.1:10024}
-o content_filter=${stress?127.0.0.1:10024}

This, of course, requires that the filter can handle both cases.
In particular, the filter cannot reject mail.



In the case of amavisd-new, one could use policy banks to 
define different behavior (reject when it's a proxy, tag+pass 
when a content_filter) based on the injection port number.


smtp  inet  n   -   -   -   20 smtpd
-o smtpd_proxy_filter=${stress:127.0.0.1:10024}
-o content_filter=${stress?127.0.0.1:10026}

See amavsid.conf-sample and the release notes for full details 
on setting amavisd-new policy banks and adjusting final_{spam, 
virus, bad_header}_destiny in each policy.


This still has the problem that only a limited number of smtpd 
processes can be configured, but a cool idea regardless.


--
Noel Jones

Re: Recommendations?

[Sahil Tandon]

James Homuth [EMAIL PROTECTED] wrote:

 I'm contemplating switching my email over to be hosted myself, and am
 wondering what the best/easiest way to accomplish what I'm thinking to do
 might be. Currently I don't have all that many email addresses on the
 system, but that might change at some point soon. What I'd like to be able
 to do, without going entirely into a deep level of complication, is to set
 up a manner in which users can send/receive email without needing to have
 shell access. I'm the only person who currently has/needs shell access in
 our current situation, and I intend to make it the same when I make the
 transition. I've done some googling, but 90% of the results I come up with
 involve anything from your basic SQL implementation to postfixadmin plus
 this or that plugin. MySQL is optional, but not a requirement so long as
 Postfix can put the mail somewhere and Courier can pick it up from said
 somewhere. Any suggestions/pointers would be helpful. Web interfaces are
 again, an option but not required. It'd be nice, but if I can do same via
 command line, I'm certainly not going to shy away from it. I look forward to
 any help/hints/tricks.

You do not need to bother with SQL; hash files should be just fine.  You
should read http://www.postfix.org/VIRTUAL_README.html, specifically the
section titled Postfix virtual MAILBOX example: separate domains,
non-UNIX accounts.  After reading that document and experimenting
yourself, ask for help here following the instructions in
http://www.postfix.org/DEBUG_README.html#mail.

-- 
Sahil Tandon [EMAIL PROTECTED]

Re: amavisd-new with dkimproxy

[kemas]

mouss wrote:

kemas wrote:

mouss wrote:


$enable_dkim_signing = 1;
dkim_key('example.com', 'yourselector',
'/path/to/key.pem', c = 'relaxed/simple');

$policy_bank{'ORIGINATING'} = {
...
# force MTA conversion to 7-bit (e.g. before DKIM signing)
  smtpd_discard_ehlo_keywords = ['8BITMIME'],
}

check amavisd-new RELEASE NOTES for more.



this looks better, cleaner and simple, no more one smtp hop again. is 
there any caveat ?




as long as you don't alter mail after amavisd-new, there should be no 
problem. you can test your dkim signing by sending mail to 
[EMAIL PROTECTED]



I've send email to sa-test at sendmail.org and test at
dkimtest.jason.long.name and the result is ok,
but I'll try amavisd-new way to sign email..

Re: autoresponder for virtual users

[Zhang Huangbin]

Martin Strand wrote:

 Hi all.
 I'm looking to implement an auto-response mechanism which:
 - only sends responses to senders who pass SPF checks
 - responds from certain virtual aliases as well as certain virtual users
 - doesn't respond to mailing lists
 - finds the response message/subject through mysql
 - supports per-recipient charset (iso-8859-15 or utf-8)
 - doesn't respond several times to the same sender within a certain 

time period


 Searching the list archive and Google turned up yaa as the best 

alternative, but it seems to have disappeared :(

 http://frost.ath.cx/software/yaa/

 Are there any other good options?
 I suppose I could write something myself, but this feels like a fairly 

common thing to do so I was hoping someone else had already done it.




Try managesieve service and pysieved:

ManageSieve:
- http://wiki.dovecot.org/ManageSieve

PySieved:
- http://www.woozle.org/~neale/src/pysieved/

Avelsieve: Sieve Mail Filters Plugin for Squirrelmail:
- http://email.uoa.gr/avelsieve/

Plugin for Roundcube WebMail:
- http://alec.pl/roundcube/managesieve/

Horde WebMail support managesieve too (via Ingo).
Thunderbird has plugin for managesieve too.

--
Best regards.

- Open Source Mail Server Solution for RHEL/CentOS 5.x:
 http://code.google.com/p/iredmail/

Re: OT: Sender Header

[mouss]

Neil wrote:


By pure luck, I had an epiphany and figured it out.



good. Can you provide details so that other people who get into the same 
problem find the answer in the archives?