Re: Postfix Toaster - replacing vpopmail
(MySQL+Postfix+Courier(+Amavisd-new)) and we are quite happy with it. Check it at http://www.ispconfig.org its lol ? ... trool On Sun, 19 Jul 2009 20:29:08 +0200, Ignacio Garcia i...@oenus.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 -Continued use of Courier-IMAP. Not so much because I like it, but I don't want POP UUIDs changing or any big changes in IMAP quirks that suddenly cause users grief. It seems like Courier+Maildrop is fairly common though, so I think I'm safe there. We recently moved from a very good, very old and unmaintained LDAP+Postfix+Cyrus solution (ISPMan) to ISPConfig version 3 (MySQL+Postfix+Courier(+Amavisd-new)) and we are quite happy with it. Check it at http://www.ispconfig.org Ignacio -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkpjZfEACgkQoYMx3fsuWuq8sACggt4mZFqWgiNtdgS5e4vy7D4V pxgAn1EZPeH7IDBb9hEjzhOrTrnNzLWe =5zCe -END PGP SIGNATURE-
Re: Postfix Toaster - replacing vpopmail
work fine on my box CentOS 5.3 http://pastebin.ca/1501508 On Mon, 20 Jul 2009 17:04:41 -0400, Charles Marcus cmar...@media-brokers.com wrote: On 7/20/2009, LuKreme (krem...@kreme.com) wrote: Before I bought my iTouch last year I thought I was going to hate the touch-screen keyboard, but the auto correction and the editing is so easy that it's not much of an issue. Now with the 3GS I am even willing to type fairly long emails with it since I can easily cut quoted material and can reply to selected portions of an email. I've used the iPhone (3 here in the office I have to set up), and they're not horrible, but I much prefer the keyboard on my G1... -- Best regards, Charles
Re: Domain Key Issues
uses dkimproxy 1.1 work fine in my box On Wed, 22 Jul 2009 10:35:12 -0500, Noel Jones njo...@megan.vbhcs.org wrote: Zakir Shaikh wrote: Now, my problem is that when I send mails using webmail from the local user configured through vPostmaster then the mails are getting signed BUT the issue is that when the mails sent from different machines using their applicaitons then the messages are delivered but Not signed. [ I've already added their IP addreses here: mynetworks = xx.xx.xx.xx in main.cf] What am i Missing? Is this a postfix issue or a Domain Keys issue ? This is a Domain Keys issue. See the -i option to dk-filter to add which IPs should be signed. And note that Domain Keys is less used these days. Consider dropping it and using DKIM instead. -- Noel Jones
Re: Domain Key Issues
i use dkimproxy 1.1 , I dont use the beta release on my box On Fri, 24 Jul 2009 19:36:28 +0530 (IST), Zakir Shaikh searchza...@yahoo.co.in wrote: Thanks fakessh, Dkimproxy did the Magic! works gr8.. for both - Domain Keys DKIM. Thanks Regards, Zakir H. Shaikh From: fakessh fake...@fakessh.eu To: Zakir Shaikh searchza...@yahoo.co.in Cc: postfix mailing list postfix-users@postfix.org; njo...@megan.vbhcs.org Sent: Friday, 24 July, 2009 4:34:06 PM Subject: Re: Domain Key Issues uses dkimproxy 1.1 its work fine on my box CentOS 5.3 On Fri, 24 Jul 2009 16:16:54 +0530 (IST), Zakir Shaikh searchza...@yahoo.co.in wrote: This is a Domain Keys issue. See the -i option to dk-filter to add which IPs should be signed. And note that Domain Keys is less used these days. Consider dropping it and using DKIM instead. Thanks for the suggestion. But it is Still Not Working. I tried with the -i filename option providing the list of IP-addresses that will sending/relaying the mails through the main server. The file entries have been properly fed with each IP on a different line, as mentioned in the man page. I'm wondering, is there a 100 % solution for the Domain Keys DKIM implementations ? Thanks Regards, Zakir H. Shaikh Love Cricket? Check out live scores, photos, video highlights and more. Click here http://cricket.yahoo.com See the Web's breaking stories, chosen by people like you. Check out Yahoo! Buzz. http://in.buzz.yahoo.com/
Re: High volume Milter experiences?
may be used in http://milter-manager.sourceforge.net/ On Fri, 31 Jul 2009 21:59:47 +0200, Patrick Ben Koetter p...@state-of-mind.de wrote: Did anybody ever measure how many clients a Postfix server using Milter can serve? Somewhere hidden in my brain I recall someone on the list reporting problems with Milter under high load. I am wondering how high the load was and if there was a solution to the problem? Reason I am asking is: I need to plan a rather large system (~600 messages/sec at 150kb average size) and I ask myself if I need to do some tests now or if I can rely on some others numbers for the moment and do the tests at a later stage. Thanks, p...@rick -- All technical answers asked privately will be automatically answered on the list and archived for public access unless privacy is explicitely required and justified. saslfinger (debugging SMTP AUTH): http://postfix.state-of-mind.de/patrick.koetter/saslfinger/
Re: Postfix SMTP server: errors from 6.mail-out.ovh.net[91.121.25.210]
I just changed the password. sorry i'am r13151.ovh.net On Tue, 4 Aug 2009 18:06:42 +0200 (CEST), mailer-dae...@r13151.ovh.net (Mail Delivery System) wrote: Transcript of session follows. Out: 220 r13151.ovh.net ESMTP Postfix (2.5.1) In: HELO 6.mail-out.ovh.net Out: 250 r13151.ovh.net In: MAIL FROM:rps-return-25004-fakessh=fakessh...@ml.ovh.net Out: 250 2.1.0 Ok In: RCPT TO:fake...@fakessh.eu Out: 451 4.3.5 Server configuration error In: QUIT Out: 221 2.0.0 Bye
Re: Postfix SMTP server: errors from 6.mail-out.ovh.net[91.121.25.210]
I just changed the password. sorry I'm r13151.ovh.net On Tue, 4 Aug 2009 18:16:52 +0200 (CEST), mailer-dae...@r13151.ovh.net (Mail Delivery System) wrote: Transcript of session follows. Out: 220 r13151.ovh.net ESMTP Postfix (2.5.1) In: HELO 6.mail-out.ovh.net Out: 250 r13151.ovh.net In: MAIL FROM:rps-return-25008-fakessh=fakessh...@ml.ovh.net Out: 250 2.1.0 Ok In: RCPT TO:fake...@fakessh.eu Out: 451 4.3.5 Server configuration error In: QUIT Out: 221 2.0.0 Bye
how well set + anvil
hi all hi list how well set + anvil I would like to fine tune + anvil I wish there was not time to expectations identified in the original configuration of postfix. I would minimize the role of + anvil I often trade very fast mail that are slowed down by anvil thanks for all your nb : Buddha peace themselve
my problem is solved I'm not sending bounce
Hi URGENT my problem is solved I'm not sending bounce double_bounce_sender=no bounce_notice_recipient = postmaster sorry
startssl and CA autority
hi all hi postfix list I worked all day to develop my certificates with certificates free of startssl I based this document http://translate.google.fr/translate?js=yprev=_thl=frie=UTF-8u=http%3A%2F%2Fwww.grandville.net%2FOpenSSL%2FLigneDeCommandesl=frtl=en I realized correctly signed certificates I read in the doc startssl the need to import this document among the certificates how to incorporate the certificates in postfix? thanks for all your feedback thanks all your thanks nb : je ne parle pas anglais
Re: startssl and CA autority
On Sun, 29 Nov 2009 03:00:46 +0100, fakessh fake...@fakessh.eu wrote: hi all hi postfix list I worked all day to develop my certificates with certificates free of startssl I based this document http://translate.google.fr/translate?js=yprev=_thl=frie=UTF-8u=http%3A%2F%2Fwww.grandville.net%2FOpenSSL%2FLigneDeCommandesl=frtl=en I realized correctly signed certificates I read in the doc startssl the need to import this document among the certificates to import the document https://www.startssl.com/certs/sub.class1.client.ca.pem how to incorporate the certificates in postfix? thanks for all your feedback thanks all your thanks nb : je ne parle pas anglais
possible hack to postfix
hello all hello list I think there is a problem in the basic configuration of Postfix the basic configuration of Postfix is included in the rpm and sources I accessed the standard configuration file # Alternatively, you can specify the mynetworks list by hand, in # which case Postfix ignores the mynetworks_style setting. # # Specify an explicit list of network/netmask patterns, where the # mask specifies the number of bits in the network part of a host # address. # # You can also specify the absolute pathname of a pattern file instead # of listing the patterns here. Specify type:table for table-based lookups # (the value on the table right-hand side is not used). # #mynetworks = 168.100.189.0/28, 127.0.0.0/8 #mynetworks = $config_directory/mynetworks #mynetworks = hash:/etc/postfix/network_table it is then possible to make a 'helo 168.100.189.5' and after this command to bounce to anyone even with the new postfix I think it is probably possible. when do you?
Re: suitable webmail
On Mon, 01 Feb 2010 20:39:49 +0100, mouss mo...@ml.netoyen.net wrote: j debert a écrit : it seems that roundcube is popular. It seems to be most popular among bots as well, according to what my apache logs say. I don't have roundcube but there are frequent attempts to get to php scripts down in the roundcube directories. I'd probably see orders of magnitude more if it weren't for fail2ban. I wonder what it is that makes it so popular? you mean things like GET /roundcube-0.2//bin/msgimport GET /round//bin/msgimport .. they're looking for old versions.. See http://asert.arbornetworks.com/2009/01/roundcube-webmail-scanning/ http://stateofsecurity.com/?p=550 Funnily enough, they don't try SSL. (note that enforcing SSL for any web mail application is a good practice) the current version of roundcube (0.3.1) does not work with the current mod_security I failed to get along with the rules of mod_security. I simply removed. I just read the security alert and I just delete msgimport.sh
Re: [OT] suitable webmail
On Mon, 01 Feb 2010 17:17:49 -0500, Charles Marcus cmar...@media-brokers.com wrote: On 2010-02-01 4:05 PM, Stan Hoeppner wrote: My Roundcube package is currently up to date, and it is a standard Debian package: [02:21:52][r...@greer]/$ aptitude show roundcube Package: roundcube New: yes State: installed Automatically installed: no Version: 0.2.2-1~bpo50+1 Eh? 0.3.1 is the current version, so how is 0.2.2 'up to date'? attention 0.3.1 is the current version , so 0.2.2 is 'up to date'
my postfix are banned ALERTE VIRii
1 messages rejected with banned file names. Banned File Names: .exe,.exe-unix,scellius_600_PLUGIN_linux-2.6.9/bin/request: 1 Times(s) From: 209.85.220.217 1 Time(s) ALERTE ALERTE Virii
Re: Reject_unlisted_recipient issue
just for example my mta return other === $ telnet localhost 25 ... 220 mx.netoyen.net ESMTP Postfix EHLO some.host.example ... MAIL FROM: 250 2.1.0 Ok RCPT TO:mo...@netoyen.net 250 2.1.5 Ok RCPT TO:doesntex...@netoyen.net 550 5.1.1 doesntex...@netoyen.net: Recipient address rejected: User unknown DATA 354 End data with CRLF.CRLF Subject: test test . 250 2.0.0 Ok: queued as 093A7E54898 quit 221 2.0.0 Bye # tail -f /var/log/maillog ... ...: 093A7E54898: reject: RCPT from localhost[127.0.0.1]: 550 5.1.1 doesntex...@netoyen.net: Recipient address rejected: User unknown; from= to=doesntex...@netoyen.net ... ... ...: 48517E54871: from=, size=624, nrcpt=1 (queue active) ...: deliver(mo...@netoyen.net): sieve: msgid=unspecified: stored mail into mailbox 'INBOX' ...: 48517E54871: to=mo...@netoyen.net, relay=dovecot, delay=0.03, delays=0.01/0.02/0/0.01, dsn=2.0.0, status=sent (delivered via dovecot service) ...: 48517E54871: removed as you can see, logs say the message was delivered. and I can read it with my MUA. [r...@r13151 ~]# telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 r13151.ovh.net ESMTP Postfix (2.5.1) helo fakessh.eu 250 r13151.ovh.net mail from: 250 2.1.0 Ok rcpt to:fake...@fakessh.eu 250 2.1.5 Ok data 354 End data with CRLF.CRLF . 550 5.7.1 can't identify domain in `MAILER-DAEMON' quit 221 2.0.0 Bye Connection closed by foreign host. [r...@r13151 ~]# Mar 19 22:09:00 r13151 postfix/qmgr[11363]: F0C69580BC: removed Mar 19 22:09:04 r13151 postfix/smtpd[26523]: connect from localhost.localdomain[127.0.0.1] Mar 19 22:09:57 r13151 postfix/smtpd[26523]: 16AB057F74: client=localhost.localdomain[127.0.0.1] Mar 19 22:10:11 r13151 postfix/cleanup[26527]: 16AB057F74: message-id=20100319210957.16ab057...@r13151.ovh.net Mar 19 22:10:11 r13151 sid-filter[11203]: unknown-msgid can't determine responsible domain from `MAILER-DAEMON' Mar 19 22:10:11 r13151 postfix/cleanup[26527]: 16AB057F74: milter-reject: END-OF-MESSAGE from localhost.localdomain[127.0.0.1]: 5.7.1 can't identify domain in `MAILER-DAEMON'; from= to=fake...@fakessh.eu proto=SMTP helo=fakessh.eu Mar 19 22:11:10 r13151 dovecot: imap-login: Login: user=fakessh, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS Mar 19 22:11:11 r13151 dovecot: IMAP(fakessh): Disconnected: Logged out
Fwd: Re: Consolidating Virtual Domain Delivery
Original Message Subject: Re: Consolidating Virtual Domain Delivery Date: Mon, 29 Mar 2010 00:14:43 +0200 From: fakessh fake...@fakessh.eu To: Roderick A. Anderson raand...@cyber-office.net On Sun, 28 Mar 2010 15:00:08 -0700, Roderick A. Anderson raand...@cyber-office.net wrote: Daniel L'Hommedieu wrote: On Mar 28, 2010, at 15:23, Wietse Venema wrote: BTW, Postfix 2.3 is no longer maintained. It is almost four years old. Wietse, After seeing this comment, I decided to see what versions of postfix I have installed. The RPM available for both CentOS 5 and RHEL5 is postfix-2.3.3-2.1.el5_2. It's interesting that both of these Linux versions offer a version of postfix that is so old... Maybe I need to look into maintaining postfix manually... Please see the thread starting on 23-Mar-2010 Should I update Postfix? which discusses this. \\||/ Rod there are specially built rpm for redhat http://www.linuxmail.info/postfix-rpm-packages/ http://ftp.wl0.org/official/2.5/RPMS-rhel5-i386/ http://ftp.sanguine.net/pub/postfix/official/2.5/RPMS-rhel5-i386/ I use successfully [r...@r13151 ~]# rpm -qa | grep postfix postfix-2.5.1-1.mysql.sasl2.vda.rhel5 on my little machine in France fakessh
catch-all not working with postfix dovecot lda
hello all hello list hello much many people hello wieste the catch-all does not seem to work. I, however, a proper definition of it in /etc/postfix/virtual postconf -n [r...@r13151 ~]# postconf -n alias_maps = hash:/etc/aliases body_checks = regexp:/etc/postfix/body_checks.cf bounce_notice_recipient = postmaster broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dksign:[127.0.0.1]:10028 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_privs = nobody double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix-2.5.1-documentation/html in_flow_delay = 10 inet_interfaces = all mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man maps_rbl_domains = bl.spamcop.net mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname, localhost.$mydomain, localhost,$mydomain,fakessh.eu,renelacroute.fr,nicolaspichot.fr mydomain = fakessh.eu mynetworks = 127.0.0.0/8 ,87.98.186.232 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix queue_run_delay = 2000s readme_directory = /usr/share/doc/postfix-2.5.1-documentation/readme recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks,reject_unknown_reverse_client_hostname,reject_unauth_pipelining, reject_non_fqdn_recipient , permit smtpd_milters = inet:[127.0.0.1]:10040 smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces permit_sasl_authenticated reject_unverified_recipient reject_non_fqdn_sender reject_non_fqdn_recipient reject_unknown_sender_domain reject_unknown_recipient_domain reject_unknown_reverse_client_hostname reject_unauth_destination reject_unauth_pipelining reject_rbl_client zen.spamhaus.org reject_sender_login_mismatch check_policy_service unix:postgrey/socket check_sender_access hash:/etc/postfix/check_backscatterer check_sender_access hash:/etc/postfix/check_spamcannibal check_policy_service unix:private/spfpolicy reject_rbl_client bl.spamcop.net reject_rhsbl_sender dbl.spamhaus.org reject_rbl_client cbl.abuseat.org reject_rbl_client b.barracudacentral.org smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/pki/tls/cert.csr.p12 smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/pki/tls/newcerts/01.pem smtpd_tls_key_file = /etc/pki/tls/private/r13151.ovh.net.key smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache smtpd_use_tls = yes soft_bounce = no tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 virtual_alias_domains = fakessh.eu renelacroute.fr nicolaspichot.fr virtual_alias_maps = hash:/etc/postfix/virtual virtual_transport = dovecot
Re: catch-all not working with postfix dovecot lda
On Tue, 13 Apr 2010 16:02:01 -0500, Noel Jones njo...@megan.vbhcs.org wrote: On 4/13/2010 3:34 PM, fakessh wrote: hello all hello list hello much many people hello wieste the catch-all does not seem to work. Doesn't work in what way? Show logs of what happens vs. what you expect to happen. Apr 13 23:29:51 r13151 dovecot: imap-login: Login: user=fakessh, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS Apr 13 23:29:51 r13151 dovecot: IMAP(fakessh): Disconnected: Logged out bytes=8/331 Apr 13 23:29:51 r13151 dovecot: imap-login: Login: user=fakessh, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS Apr 13 23:29:52 r13151 dovecot: IMAP(fakessh): Disconnected: Logged out bytes=329/5780 Apr 13 23:31:35 r13151 postfix/smtpd[5501]: connect from web24304.mail.ird.yahoo.com[87.248.114.201] Apr 13 23:31:35 r13151 postfix/trivial-rewrite[5504]: warning: do not list domain fakessh.eu in BOTH mydestination and virtual_alias_domains Apr 13 23:31:35 r13151 postfix/smtpd[5501]: NOQUEUE: reject: RCPT from web24304.mail.ird.yahoo.com[87.248.114.201]: 450 4.1.1 ca...@fakessh.eu: Recipient address rejected: undeliverable address: unknown user: catch; from=swiltingse...@yahoo.fr to=ca...@fakessh.eu proto=SMTP helo=web24304.mail.ird.yahoo.com Apr 13 23:31:35 r13151 postfix/smtpd[5501]: disconnect from web24304.mail.ird.yahoo.com[87.248.114.201] I, however, a proper definition of it in /etc/postfix/virtual Please show the contents of that file. fake...@fakessh.eu fakessh se...@fakessh.eu serge webm...@fakessh.eu webmail renelacro...@renelacroute.fr renelacroute postmas...@renelacroute.fr renelacroute nicolaspic...@nicolaspichot.frnicolaspichot postmas...@nicolaspichot.fr nicolaspichot ab...@fakessh.eu root ab...@renelacroute.fr root ab...@nicolaspichot.frroot @fakessh root @renelacroute.fr root @nicolaspichot.fr root postmas...@fakessh.eu root -- Noel Jones postconf -n [r...@r13151 ~]# postconf -n alias_maps = hash:/etc/aliases body_checks = regexp:/etc/postfix/body_checks.cf bounce_notice_recipient = postmaster broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dksign:[127.0.0.1]:10028 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_privs = nobody double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix-2.5.1-documentation/html in_flow_delay = 10 inet_interfaces = all mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man maps_rbl_domains = bl.spamcop.net mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname, localhost.$mydomain, localhost,$mydomain,fakessh.eu,renelacroute.fr,nicolaspichot.fr mydomain = fakessh.eu mynetworks = 127.0.0.0/8 ,87.98.186.232 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix queue_run_delay = 2000s readme_directory = /usr/share/doc/postfix-2.5.1-documentation/readme recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks,reject_unknown_reverse_client_hostname,reject_unauth_pipelining, reject_non_fqdn_recipient , permit smtpd_milters = inet:[127.0.0.1]:10040 smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces permit_sasl_authenticated reject_unverified_recipient reject_non_fqdn_sender reject_non_fqdn_recipient reject_unknown_sender_domain reject_unknown_recipient_domain reject_unknown_reverse_client_hostname reject_unauth_destination reject_unauth_pipelining reject_rbl_client zen.spamhaus.org reject_sender_login_mismatch check_policy_service unix:postgrey/socket check_sender_access hash:/etc/postfix/check_backscatterer check_sender_access hash:/etc/postfix/check_spamcannibal check_policy_service unix:private/spfpolicy reject_rbl_client bl.spamcop.net reject_rhsbl_sender dbl.spamhaus.org reject_rbl_client cbl.abuseat.org reject_rbl_client b.barracudacentral.org smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot
Re: catch-all not working with postfix dovecot lda
On Tue, 13 Apr 2010 18:38:28 -0300, Egberto Monteiro servido...@futuro.usp.br wrote: Apr 13 23:31:35 r13151 postfix/trivial-rewrite[5504]: warning: do not list domain fakessh.eu in *BOTH *mydestination and virtual_alias_domains this error I do not know how to correct my mail server work correctly with that error fakessh wrote: On Tue, 13 Apr 2010 16:02:01 -0500, Noel Jones njo...@megan.vbhcs.org wrote: On 4/13/2010 3:34 PM, fakessh wrote: hello all hello list hello much many people hello wieste the catch-all does not seem to work. Doesn't work in what way? Show logs of what happens vs. what you expect to happen. Apr 13 23:29:51 r13151 dovecot: imap-login: Login: user=fakessh, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS Apr 13 23:29:51 r13151 dovecot: IMAP(fakessh): Disconnected: Logged out bytes=8/331 Apr 13 23:29:51 r13151 dovecot: imap-login: Login: user=fakessh, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS Apr 13 23:29:52 r13151 dovecot: IMAP(fakessh): Disconnected: Logged out bytes=329/5780 Apr 13 23:31:35 r13151 postfix/smtpd[5501]: connect from web24304.mail.ird.yahoo.com[87.248.114.201] Apr 13 23:31:35 r13151 postfix/trivial-rewrite[5504]: warning: do not list domain fakessh.eu in BOTH mydestination and virtual_alias_domains Apr 13 23:31:35 r13151 postfix/smtpd[5501]: NOQUEUE: reject: RCPT from web24304.mail.ird.yahoo.com[87.248.114.201]: 450 4.1.1 ca...@fakessh.eu: Recipient address rejected: undeliverable address: unknown user: catch; from=swiltingse...@yahoo.fr to=ca...@fakessh.eu proto=SMTP helo=web24304.mail.ird.yahoo.com Apr 13 23:31:35 r13151 postfix/smtpd[5501]: disconnect from web24304.mail.ird.yahoo.com[87.248.114.201] I, however, a proper definition of it in /etc/postfix/virtual Please show the contents of that file. fake...@fakessh.eu fakessh se...@fakessh.eu serge webm...@fakessh.eu webmail renelacro...@renelacroute.fr renelacroute postmas...@renelacroute.fr renelacroute nicolaspic...@nicolaspichot.frnicolaspichot postmas...@nicolaspichot.fr nicolaspichot ab...@fakessh.eu root ab...@renelacroute.fr root ab...@nicolaspichot.frroot @fakessh root @renelacroute.fr root @nicolaspichot.fr root postmas...@fakessh.eu root -- Noel Jones postconf -n [r...@r13151 ~]# postconf -n alias_maps = hash:/etc/aliases body_checks = regexp:/etc/postfix/body_checks.cf bounce_notice_recipient = postmaster broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dksign:[127.0.0.1]:10028 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_privs = nobody double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix-2.5.1-documentation/html in_flow_delay = 10 inet_interfaces = all mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man maps_rbl_domains = bl.spamcop.net mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname, localhost.$mydomain, localhost,$mydomain,fakessh.eu,renelacroute.fr,nicolaspichot.fr mydomain = fakessh.eu mynetworks = 127.0.0.0/8 ,87.98.186.232 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix queue_run_delay = 2000s readme_directory = /usr/share/doc/postfix-2.5.1-documentation/readme recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks,reject_unknown_reverse_client_hostname,reject_unauth_pipelining, reject_non_fqdn_recipient , permit smtpd_milters = inet:[127.0.0.1]:10040 smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces permit_sasl_authenticated reject_unverified_recipient reject_non_fqdn_sender reject_non_fqdn_recipient reject_unknown_sender_domain reject_unknown_recipient_domain reject_unknown_reverse_client_hostname reject_unauth_destination reject_unauth_pipelining reject_rbl_client zen.spamhaus.org reject_sender_login_mismatch check_policy_service unix:postgrey/socket check_sender_access hash:/etc/postfix
catch-all not working with postfix dovecot lda
fakessh a écrit : On Tue, 13 Apr 2010 18:38:28 -0300, Egberto Monteiro servido...@futuro.usp.br wrote: Apr 13 23:31:35 r13151 postfix/trivial-rewrite[5504]: warning: do not list domain fakessh.eu in *BOTH *mydestination and virtual_alias_domains this error I do not know how to correct my mail server work correctly with that error the warning really means what it says! you have mydestination = $myhostname, localhost.$mydomain, localhost,$mydomain,fakessh.eu,renelacroute.fr,nicolaspichot.fr virtual_alias_domains = fakessh.eu renelacroute.fr nicolaspichot.fr so fakessh.eu is in mydestination and in virtual_alias_domains. and the warning says it should not. consider reading the docs about address classes. a domain should only belong to _one_ class. (snip] i correct warning on my log postfix Apr 14 16:17:13 r13151 dkimproxy.out[813]: DKIM signing - skipped; message-id=433688.53298...@web24306.mail.ird.yahoo.com, from=swiltingse...@yahoo.fr Apr 14 16:17:13 r13151 postfix/cleanup[8636]: DD2D3580BE: message-id=433688.53298...@web24306.mail.ird.yahoo.com Apr 14 16:17:13 r13151 postfix/cleanup[8637]: DDDCD580BF: message-id=433688.53298...@web24306.mail.ird.yahoo.com Apr 14 16:17:14 r13151 postfix/smtp[8638]: E0AE157F74: to=fake...@fakessh.eu, relay=127.0.0.1[127.0.0.1]:10028, delay=2.7, delays=1.7/0.44/0.12/0.36, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as DD2D3580BE) Apr 14 16:17:14 r13151 postfix/smtpd[8640]: disconnect from localhost.localdomain[127.0.0.1] Apr 14 16:17:14 r13151 postfix/qmgr[8067]: DD2D3580BE: from=swiltingse...@yahoo.fr, size=2771, nrcpt=1 (queue active) Apr 14 16:17:14 r13151 postfix/qmgr[8067]: E0AE157F74: removed Apr 14 16:17:14 r13151 postfix/qmgr[8067]: DDDCD580BF: from=swiltingse...@yahoo.fr, size=2777, nrcpt=1 (queue active) Apr 14 16:17:14 r13151 postfix/smtp[8639]: 137D0580A5: to=postmas...@fakessh.eu, relay=127.0.0.1[127.0.0.1]:10028, delay=2.7, delays=2/0.13/0.11/0.46, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as DDDCD580BF) Apr 14 16:17:14 r13151 postfix/smtpd[8641]: disconnect from localhost.localdomain[127.0.0.1] Apr 14 16:17:14 r13151 postfix/qmgr[8067]: 137D0580A5: removed Apr 14 16:17:14 r13151 clamd[7779]: No stats for Database check - forcing reload Apr 14 16:17:15 r13151 clamd[7779]: Reading databases from /var/clamav Apr 14 16:17:32 r13151 postfix/smtpd[8180]: timeout after END-OF-MESSAGE from localhost.localdomain[127.0.0.1] Apr 14 16:17:32 r13151 postfix/smtpd[8180]: disconnect from localhost.localdomain[127.0.0.1] Apr 14 16:17:45 r13151 clamd[7779]: Database correctly reloaded (1459785 signatures) Apr 14 16:17:46 r13151 postfix/smtpd[8180]: connect from localhost.localdomain[127.0.0.1] Apr 14 16:17:46 r13151 postfix/smtpd[8652]: connect from localhost.localdomain[127.0.0.1] Apr 14 16:17:47 r13151 postfix/smtpd[8180]: 01B0857F74: client=localhost.localdomain[127.0.0.1] Apr 14 16:17:47 r13151 postfix/smtpd[8652]: 233AA580A5: client=localhost.localdomain[127.0.0.1] Apr 14 16:17:47 r13151 postfix/cleanup[8636]: 01B0857F74: message-id=433688.53298...@web24306.mail.ird.yahoo.com Apr 14 16:17:47 r13151 postfix/cleanup[8637]: 233AA580A5: message-id=433688.53298...@web24306.mail.ird.yahoo.com Apr 14 16:17:47 r13151 postfix/smtpd[8180]: disconnect from localhost.localdomain[127.0.0.1] Apr 14 16:17:47 r13151 postfix/qmgr[8067]: 01B0857F74: from=swiltingse...@yahoo.fr, size=3397, nrcpt=1 (queue active) Apr 14 16:17:47 r13151 postfix/smtpd[8653]: connect from localhost.localdomain[127.0.0.1] Apr 14 16:17:48 r13151 postfix/smtpd[8652]: disconnect from localhost.localdomain[127.0.0.1] Apr 14 16:17:48 r13151 postfix/smtpd[8180]: connect from localhost.localdomain[127.0.0.1] Apr 14 16:17:48 r13151 postfix/qmgr[8067]: 233AA580A5: from=swiltingse...@yahoo.fr, size=3397, nrcpt=1 (queue active) Apr 14 16:17:48 r13151 postfix/smtpd[8180]: A38B5580C7: client=localhost.localdomain[127.0.0.1] Apr 14 16:17:48 r13151 postfix/smtpd[8653]: 4BE35580C3: client=localhost.localdomain[127.0.0.1] Apr 14 16:17:48 r13151 postfix/cleanup[8637]: A38B5580C7: message-id=433688.53298...@web24306.mail.ird.yahoo.com Apr 14 16:17:48 r13151 postfix/cleanup[8636]: 4BE35580C3: message-id=433688.53298...@web24306.mail.ird.yahoo.com Apr 14 16:17:48 r13151 postfix/smtpd[8653]: disconnect from localhost.localdomain[127.0.0.1] Apr 14 16:17:48 r13151 postfix/qmgr[8067]: 4BE35580C3: from=, size=3144, nrcpt=1 (queue active) Apr 14 16:17:48 r13151 postfix/smtpd[8180]: disconnect from localhost.localdomain[127.0.0.1] Apr 14 16:17:48 r13151 postfix/qmgr[8067]: A38B5580C7: from=, size=3138, nrcpt=1 (queue active) Apr 14 16:17:48 r13151 amavis[7681]: (07681-04) Passed CLEAN, [127.0.0.1] [90.30.121.52] swiltingse...@yahoo.fr - fake...@r13151.ovh.net, Message-ID: 433688.53298...@web24306.mail.ird.yahoo.com, mail_id: 4rtJcaei-Lv3, Hits: 0.001, size: 2942, queued_as: 233AA580A5, 34627 ms Apr 14 16:17:49 r13151 postfix/lmtp[8644]: DD2D3580BE: to=fake...@r13151.ovh.net, orig_to=fake...@fakessh.eu
Re: catch-all not working with postfix dovecot lda
On Wed, 14 Apr 2010 15:07:51 +, d.h...@yournetplus.com wrote: Quoting fakessh fake...@fakessh.eu: fakessh a écrit : On Tue, 13 Apr 2010 18:38:28 -0300, Egberto Monteiro servido...@futuro.usp.br wrote: Apr 13 23:31:35 r13151 postfix/trivial-rewrite[5504]: warning: do not list domain fakessh.eu in *BOTH *mydestination and virtual_alias_domains this error I do not know how to correct my mail server work correctly with that error the warning really means what it says! you have mydestination = $myhostname, localhost.$mydomain, localhost,$mydomain,fakessh.eu,renelacroute.fr,nicolaspichot.fr virtual_alias_domains = fakessh.eu renelacroute.fr nicolaspichot.fr so fakessh.eu is in mydestination and in virtual_alias_domains. and the warning says it should not. consider reading the docs about address classes. a domain should only belong to _one_ class. (snip] i correct warning on my log postfix [snip] Apr 14 16:19:32 r13151 postfix/cleanup[8771]: warning: regexp map /etc/postfix/body_checks.cf, line 570: unknown regexp option p: skipping this rule Not that this may or may not pertain to the issue, you need to correct this. [snip] correct to this error my log Apr 14 19:41:29 r13151 postfix/smtpd[17760]: connect from web24306.mail.ird.yahoo.com[87.248.114.203] Apr 14 19:41:29 r13151 postfix/cleanup[17766]: B038F57F6F: message-id=20100414174129.b038f57...@r13151.ovh.net Apr 14 19:41:29 r13151 postfix/qmgr[17715]: B038F57F6F: from=n...@r13151.ovh.net, size=252, nrcpt=1 (queue active) Apr 14 19:41:29 r13151 postfix/local[17767]: B038F57F6F: to=fake...@r13151.ovh.net, orig_to=fake...@fakessh.eu, relay=local, delay=0.15, delays=0.14/0.01/0/0, dsn=2.0.0, status=deliverable (delivers to command: /usr/libexec/dovecot/deliver) Apr 14 19:41:29 r13151 postfix/qmgr[17715]: B038F57F6F: removed Apr 14 19:41:32 r13151 postgrey[838]: action=pass, reason=client whitelist, client_name=web24306.mail.ird.yahoo.com, client_address=87.248.114.203, sender=swiltingse...@yahoo.fr, recipient=fake...@fakessh.eu Apr 14 19:41:33 r13151 postfix/policy-spf[17769]: : SPF none (No applicable sender policy available): Envelope-from: swiltingse...@yahoo.fr Apr 14 19:41:33 r13151 postfix/policy-spf[17769]: handler sender_policy_framework: is decisive. Apr 14 19:41:33 r13151 postfix/policy-spf[17769]: : Policy action=PREPEND Received-SPF: none (yahoo.fr: No applicable sender policy available) receiver=r13151.ovh.net; identity=mailfrom; envelope-from=swiltingse...@yahoo.fr; helo=web24306.mail.ird.yahoo.com; client-ip=87.248.114.203 Apr 14 19:41:33 r13151 postfix/smtpd[17760]: D7AAB57F6F: client=web24306.mail.ird.yahoo.com[87.248.114.203] Apr 14 19:41:33 r13151 postfix/cleanup[17766]: D7AAB57F6F: message-id=675502.96820...@web24306.mail.ird.yahoo.com Apr 14 19:41:34 r13151 postfix/qmgr[17715]: D7AAB57F6F: from=swiltingse...@yahoo.fr, size=2301, nrcpt=1 (queue active) Apr 14 19:41:34 r13151 dkimproxy.out[814]: connect from 127.0.0.1 Apr 14 19:41:34 r13151 postfix/smtpd[17760]: disconnect from web24306.mail.ird.yahoo.com[87.248.114.203] Apr 14 19:41:34 r13151 postfix/smtpd[17774]: connect from localhost.localdomain[127.0.0.1] Apr 14 19:41:34 r13151 postfix/smtp[17773]: discarding EHLO keywords: 8BITMIME STARTTLS Apr 14 19:41:34 r13151 postfix/smtpd[17774]: 3A32457F71: client=web24306.mail.ird.yahoo.com[87.248.114.203]:34226 Apr 14 19:41:34 r13151 dkimproxy.out[814]: DKIM signing - skipped; message-id=675502.96820...@web24306.mail.ird.yahoo.com, from=swiltingse...@yahoo.fr Apr 14 19:41:34 r13151 postfix/cleanup[17766]: 3A32457F71: message-id=675502.96820...@web24306.mail.ird.yahoo.com Apr 14 19:41:34 r13151 postfix/qmgr[17715]: 3A32457F71: from=swiltingse...@yahoo.fr, size=2703, nrcpt=1 (queue active) Apr 14 19:41:34 r13151 postfix/smtp[17773]: D7AAB57F6F: to=fake...@fakessh.eu, relay=127.0.0.1[127.0.0.1]:10028, delay=4.8, delays=4.5/0.01/0.06/0.26, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 3A32457F71) Apr 14 19:41:34 r13151 postfix/smtpd[17774]: disconnect from localhost.localdomain[127.0.0.1] Apr 14 19:41:34 r13151 postfix/qmgr[17715]: D7AAB57F6F: removed Apr 14 19:41:34 r13151 postfix/smtpd[17778]: connect from localhost.localdomain[127.0.0.1] Apr 14 19:41:34 r13151 postfix/smtpd[17778]: A7C4457F6F: client=localhost.localdomain[127.0.0.1] Apr 14 19:41:34 r13151 postfix/cleanup[17766]: A7C4457F6F: message-id=675502.96820...@web24306.mail.ird.yahoo.com Apr 14 19:41:34 r13151 postfix/smtpd[17778]: disconnect from localhost.localdomain[127.0.0.1] Apr 14 19:41:34 r13151 postfix/qmgr[17715]: A7C4457F6F: from=swiltingse...@yahoo.fr, size=3329, nrcpt=1 (queue active) Apr 14 19:41:34 r13151 postfix/smtpd[17778]: connect from localhost.localdomain[127.0.0.1] Apr 14 19:41:34 r13151 postfix/smtpd[17778]: D388357F74: client=localhost.localdomain[127.0.0.1] Apr 14 19:41:34 r13151 postfix/cleanup[17766]: D388357F74: message-id=675502.96820...@web24306.mail.ird.yahoo.com Apr 14 19:41:35 r13151 postfix
Re: catch-all not working with postfix dovecot lda
On Wed, 14 Apr 2010 14:12:25 -0400, Charles Marcus cmar...@media-brokers.com wrote: On 2010-04-14 1:47 PM, fakessh wrote: correct to this error my log Please do NOT send verbose logs unless requested to do so... Disable verbose logging, and then provide a complete log transaction of ONLY one message exhibiting the problem. Apr 14 20:44:29 r13151 postfix/smtpd[21005]: connect from web24305.mail.ird.yahoo.com[87.248.114.202] Apr 14 20:44:29 r13151 postfix/smtpd[21005]: NOQUEUE: reject: RCPT from web24305.mail.ird.yahoo.com[87.248.114.202]: 450 4.1.1 ca...@fakessh.eu: Recipient address rejected: undeliverable address: User unknown in virtual alias table; from=swiltingse...@yahoo.fr to=ca...@fakessh.eu proto=SMTP helo=web24305.mail.ird.yahoo.com Apr 14 20:44:29 r13151 postfix/smtpd[21005]: disconnect from web24305.mail.ird.yahoo.com[87.248.114.202]
Re: catch-all not working with postfix dovecot lda
On Wed, 14 Apr 2010 13:50:34 -0500, Noel Jones njo...@megan.vbhcs.org wrote: On 4/14/2010 1:45 PM, fakessh wrote: On Wed, 14 Apr 2010 14:12:25 -0400, Charles Marcus cmar...@media-brokers.com wrote: I changed the entries @fakessh to r...@localhost in /etc/postfix/virtual postmap then a file to the postfix restart. all without success, or rather the same mistake Apr 14 20:44:29 r13151 postfix/smtpd[21005]: connect from web24305.mail.ird.yahoo.com[87.248.114.202] Apr 14 20:44:29 r13151 postfix/smtpd[21005]: NOQUEUE: reject: RCPT from web24305.mail.ird.yahoo.com[87.248.114.202]: 450 4.1.1ca...@fakessh.eu: Recipient address rejected: undeliverable address: User unknown in virtual alias table; from=swiltingse...@yahoo.fr to=ca...@fakessh.eu proto=SMTP helo=web24305.mail.ird.yahoo.com Apr 14 20:44:29 r13151 postfix/smtpd[21005]: disconnect from web24305.mail.ird.yahoo.com[87.248.114.202] As documented, virtual_alias_domains must be rewritten to a different domain. Change your virtual_alias_maps entry to @fakessh.eu r...@localhost -- Noel Jones
Re: catch-all not working with postfix dovecot lda
On Thu, 15 Apr 2010 08:33:43 -0500, Noel Jones njo...@megan.vbhcs.org wrote: On 4/14/2010 3:42 PM, fakessh wrote: On Wed, 14 Apr 2010 13:50:34 -0500, Noel Jonesnjo...@megan.vbhcs.org wrote: On 4/14/2010 1:45 PM, fakessh wrote: On Wed, 14 Apr 2010 14:12:25 -0400, Charles Marcus cmar...@media-brokers.com wrote: I changed the entries @fakessh to r...@localhost in /etc/postfix/virtual postmap then a file to the postfix restart. all without success, or rather the same mistake Then post your new postconf -n, log entries showing the problem, and file contents. my postcon -n [r...@r13151 ~]# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases body_checks = regexp:/etc/postfix/body_checks.cf bounce_notice_recipient = postmaster broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dksign:[127.0.0.1]:10028 daemon_directory = /usr/libexec/postfix debug_peer_level = 2 default_privs = nobody double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = no in_flow_delay = 10 inet_interfaces = all mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man maps_rbl_domains = bl.spamcop.net mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname, localhost.$mydomain mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_run_delay = 2000s readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks,reject_unknown_reverse_client_hostname,reject_unauth_pipelining, reject_non_fqdn_recipient , permit smtpd_milters = inet:[127.0.0.1]:10040 smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces permit_sasl_authenticated reject_unverified_recipient reject_non_fqdn_sender reject_non_fqdn_recipient reject_unknown_sender_domain reject_unknown_recipient_domain reject_unknown_reverse_client_hostname reject_unauth_destination reject_unauth_pipelining reject_rbl_client zen.spamhaus.org reject_sender_login_mismatch check_policy_service unix:postgrey/socket check_sender_access hash:/etc/postfix/check_backscatterer check_policy_service unix:private/spfpolicy reject_rbl_client bl.spamcop.net reject_rhsbl_sender dbl.spamhaus.org reject_rbl_client cbl.abuseat.org reject_rbl_client b.barracudacentral.org smtpd_reject_unlisted_sender = no smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/pki/tls/sub.class4.server.ca.pem smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/pki/tls/newcerts/01.pem smtpd_tls_key_file = /etc/pki/tls/private/r13151.ovh.net.key smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache smtpd_use_tls = yes soft_bounce = no tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 virtual_alias_domains = fakessh.eu renelacroute.fr nicolaspichot.fr virtual_alias_maps = hash:/etc/postfix/virtual But you already have all the information you need to fix this yourself. Key points are 1) use fully qualified names in virtual_alias_maps. ie. u...@example1.com u...@example2.com *not* u...@example1.com user my jed /etc/postfix/virtual # # AUTHOR(S) #Wietse Venema #IBM T.J. Watson Research #P.O. Box 704 #Yorktown Heights, NY 10598, USA # # VIRTUAL(5$ postmas...@fakessh.eu r...@localhost.r13151.ovh.net fake...@fakessh.eu fake...@localhost.r13151.ovh.net webm...@fakessh.eu webm...@localhost.r13151.ovh.net se...@fakessh.eu se...@localhost.r13151.ovh.net @fakessh r...@localhost.r13151.ovh.net renelacro...@renelacroute.fr renelacro...@localhost.r13151.ovh.net @renelacroute.fr r...@localhost.r13151.ovh.net postmas...@renelacroute.fr r...@localhost.r13151.ovh.net nicolaspic...@nicolaspichot.fr nicolaspic...@localhost.r13151.ovh.net @nicolaspichot.fr r...@localhost.r13151.ovh.net 2) if you want local delivery of the mail, the new domain must be listed in mydestination. i use local delivery agent [r...@r13151 ~]# rpm -qa | grep dovecot dovecot-sieve-devel
Re: catch-all not working with postfix dovecot lda
On Fri, 16 Apr 2010 00:26:25 +0200, fakessh fake...@fakessh.eu wrote: On Thu, 15 Apr 2010 08:33:43 -0500, Noel Jones njo...@megan.vbhcs.org wrote: On 4/14/2010 3:42 PM, fakessh wrote: On Wed, 14 Apr 2010 13:50:34 -0500, Noel Jonesnjo...@megan.vbhcs.org wrote: On 4/14/2010 1:45 PM, fakessh wrote: On Wed, 14 Apr 2010 14:12:25 -0400, Charles Marcus cmar...@media-brokers.com wrote: I changed the entries @fakessh to r...@localhost in /etc/postfix/virtual postmap then a file to the postfix restart. all without success, or rather the same mistake Then post your new postconf -n, log entries showing the problem, and file contents. my postcon -n [r...@r13151 ~]# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases body_checks = regexp:/etc/postfix/body_checks.cf bounce_notice_recipient = postmaster broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dksign:[127.0.0.1]:10028 daemon_directory = /usr/libexec/postfix debug_peer_level = 2 default_privs = nobody double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = no in_flow_delay = 10 inet_interfaces = all mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man maps_rbl_domains = bl.spamcop.net mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname, localhost.$mydomain mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_run_delay = 2000s readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks,reject_unknown_reverse_client_hostname,reject_unauth_pipelining, reject_non_fqdn_recipient , permit smtpd_milters = inet:[127.0.0.1]:10040 smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces permit_sasl_authenticated reject_unverified_recipient reject_non_fqdn_sender reject_non_fqdn_recipient reject_unknown_sender_domain reject_unknown_recipient_domain reject_unknown_reverse_client_hostname reject_unauth_destination reject_unauth_pipelining reject_rbl_client zen.spamhaus.org reject_sender_login_mismatch check_policy_service unix:postgrey/socket check_sender_access hash:/etc/postfix/check_backscatterer check_policy_service unix:private/spfpolicy reject_rbl_client bl.spamcop.net reject_rhsbl_sender dbl.spamhaus.org reject_rbl_client cbl.abuseat.org reject_rbl_client b.barracudacentral.org smtpd_reject_unlisted_sender = no smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/pki/tls/sub.class4.server.ca.pem smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/pki/tls/newcerts/01.pem smtpd_tls_key_file = /etc/pki/tls/private/r13151.ovh.net.key smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache smtpd_use_tls = yes soft_bounce = no tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 virtual_alias_domains = fakessh.eu renelacroute.fr nicolaspichot.fr virtual_alias_maps = hash:/etc/postfix/virtual But you already have all the information you need to fix this yourself. Key points are 1) use fully qualified names in virtual_alias_maps. ie. u...@example1.com u...@example2.com *not* u...@example1.com user my jed /etc/postfix/virtual # # AUTHOR(S) #Wietse Venema #IBM T.J. Watson Research #P.O. Box 704 #Yorktown Heights, NY 10598, USA # # VIRTUAL(5$ postmas...@fakessh.eu r...@localhost.r13151.ovh.net fake...@fakessh.eu fake...@localhost.r13151.ovh.net webm...@fakessh.eu webm...@localhost.r13151.ovh.net se...@fakessh.eu se...@localhost.r13151.ovh.net @fakessh r...@localhost.r13151.ovh.net renelacro...@renelacroute.fr renelacro...@localhost.r13151.ovh.net @renelacroute.fr r...@localhost.r13151.ovh.net postmas...@renelacroute.fr r...@localhost.r13151.ovh.net nicolaspic...@nicolaspichot.fr nicolaspic...@localhost.r13151.ovh.net @nicolaspichot.fr r...@localhost.r13151.ovh.net 2) if you
Re: [Dovecot] catch-all not working with postfix dovecot lda
On Fri, 16 Apr 2010 09:07:55 +1000, Noel Butler noel.but...@ausics.net wrote: Postfix must first know the user(s) therefore this isa postfix issue and not dovecot dovecot deliver assumes the MTA has verified the user to accept mail from and does not do further authentication how to build a catch-all with dovecot lda the question then. is not a postfix issue On Fri, 2010-04-16 at 01:00 +0200, fakessh wrote: its tha archive to the cross post to postfix-users help me http://www.mail-archive.com/postfix-users@postfix.org/msg22963.html On Fri, 16 Apr 2010 00:26:25 +0200, fakessh fake...@fakessh.eu wrote: On Thu, 15 Apr 2010 08:33:43 -0500, Noel Jones njo...@megan.vbhcs.org wrote: On 4/14/2010 3:42 PM, fakessh wrote: On Wed, 14 Apr 2010 13:50:34 -0500, Noel Jonesnjo...@megan.vbhcs.org wrote: On 4/14/2010 1:45 PM, fakessh wrote: On Wed, 14 Apr 2010 14:12:25 -0400, Charles Marcus cmar...@media-brokers.com wrote: I changed the entries @fakessh to r...@localhost in /etc/postfix/virtual postmap then a file to the postfix restart. all without success, or rather the same mistake Then post your new postconf -n, log entries showing the problem, and file contents. my postcon -n [r...@r13151 ~]# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases body_checks = regexp:/etc/postfix/body_checks.cf bounce_notice_recipient = postmaster broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dksign:[127.0.0.1]:10028 daemon_directory = /usr/libexec/postfix debug_peer_level = 2 default_privs = nobody double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = no in_flow_delay = 10 inet_interfaces = all mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man maps_rbl_domains = bl.spamcop.net mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname, localhost.$mydomain mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_run_delay = 2000s readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks,reject_unknown_reverse_client_hostname,reject_unauth_pipelining, reject_non_fqdn_recipient , permit smtpd_milters = inet:[127.0.0.1]:10040 smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces permit_sasl_authenticated reject_unverified_recipient reject_non_fqdn_sender reject_non_fqdn_recipient reject_unknown_sender_domain reject_unknown_recipient_domain reject_unknown_reverse_client_hostname reject_unauth_destination reject_unauth_pipelining reject_rbl_client zen.spamhaus.org reject_sender_login_mismatch check_policy_service unix:postgrey/socket check_sender_access hash:/etc/postfix/check_backscatterer check_policy_service unix:private/spfpolicy reject_rbl_client bl.spamcop.net reject_rhsbl_sender dbl.spamhaus.org reject_rbl_client cbl.abuseat.org reject_rbl_client b.barracudacentral.org smtpd_reject_unlisted_sender = no smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/pki/tls/sub.class4.server.ca.pem smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/pki/tls/newcerts/01.pem smtpd_tls_key_file = /etc/pki/tls/private/r13151.ovh.net.key smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache smtpd_use_tls = yes soft_bounce = no tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 virtual_alias_domains = fakessh.eu renelacroute.fr nicolaspichot.fr virtual_alias_maps = hash:/etc/postfix/virtual But you already have all the information you need to fix this yourself. Key points are 1) use fully qualified names in virtual_alias_maps. ie. u...@example1.com u...@example2.com *not* u...@example1.com user my jed /etc/postfix/virtual # # AUTHOR(S) # Wietse Venema # IBM T.J. Watson Research # P.O. Box 704 # Yorktown Heights, NY 10598, USA # # VIRTUAL(5$ postmas...@fakessh.eu r...@localhost.r13151.ovh.net fake
Fwd: Re: [Dovecot] catch-all not working with postfix dovecot lda (fwd)
it may be a problem in dealing with amavisd perl milter Subject: Re: [Dovecot] catch-all not working with postfix dovecot lda On Fri, 16 Apr 2010 09:07:55 +1000, Noel Butler noel.but...@ausics.net wrote: Postfix must first know the user(s) therefore this isa postfix issue and not dovecot dovecot deliver assumes the MTA has verified the user to accept mail from and does not do further authentication how to build a catch-all with dovecot lda the question then. is not a postfix issue On Fri, 2010-04-16 at 01:00 +0200, fakessh wrote: its tha archive to the cross post to postfix-users help me http://www.mail-archive.com/postfix-users@postfix.org/msg22963.html On Fri, 16 Apr 2010 00:26:25 +0200, fakessh fake...@fakessh.eu wrote: On Thu, 15 Apr 2010 08:33:43 -0500, Noel Jones njo...@megan.vbhcs.org wrote: On 4/14/2010 3:42 PM, fakessh wrote: On Wed, 14 Apr 2010 13:50:34 -0500, Noel Jonesnjo...@megan.vbhcs.org wrote: On 4/14/2010 1:45 PM, fakessh wrote: On Wed, 14 Apr 2010 14:12:25 -0400, Charles Marcus cmar...@media-brokers.com wrote: I changed the entries @fakessh to r...@localhost in /etc/postfix/virtual postmap then a file to the postfix restart. all without success, or rather the same mistake Then post your new postconf -n, log entries showing the problem, and file contents. my postcon -n [r...@r13151 ~]# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases body_checks = regexp:/etc/postfix/body_checks.cf bounce_notice_recipient = postmaster broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dksign:[127.0.0.1]:10028 daemon_directory = /usr/libexec/postfix debug_peer_level = 2 default_privs = nobody double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = no in_flow_delay = 10 inet_interfaces = all mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man maps_rbl_domains = bl.spamcop.net mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname, localhost.$mydomain mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_run_delay = 2000s readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks,reject_unknown_reverse_client_hostname,reject_unauth_pipelining, reject_non_fqdn_recipient , permit smtpd_milters = inet:[127.0.0.1]:10040 smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces permit_sasl_authenticated reject_unverified_recipient reject_non_fqdn_sender reject_non_fqdn_recipient reject_unknown_sender_domain reject_unknown_recipient_domain reject_unknown_reverse_client_hostname reject_unauth_destination reject_unauth_pipelining reject_rbl_client zen.spamhaus.org reject_sender_login_mismatch check_policy_service unix:postgrey/socket check_sender_access hash:/etc/postfix/check_backscatterer check_policy_service unix:private/spfpolicy reject_rbl_client bl.spamcop.net reject_rhsbl_sender dbl.spamhaus.org reject_rbl_client cbl.abuseat.org reject_rbl_client b.barracudacentral.org smtpd_reject_unlisted_sender = no smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/pki/tls/sub.class4.server.ca.pem smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/pki/tls/newcerts/01.pem smtpd_tls_key_file = /etc/pki/tls/private/r13151.ovh.net.key smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache smtpd_use_tls = yes soft_bounce = no tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 virtual_alias_domains = fakessh.eu renelacroute.fr nicolaspichot.fr virtual_alias_maps = hash:/etc/postfix/virtual But you already have all the information you need to fix this yourself. Key points are 1) use fully qualified names in virtual_alias_maps. ie. u...@example1.com u...@example2.com *not* u...@example1.com user my jed /etc/postfix/virtual # # AUTHOR(S) # Wietse Venema # IBM T.J. Watson Research # P.O. Box 704
Fwd: Re: [Dovecot] catch-all not working with postfix dovecot lda
hi all hi wieste hi all users of this list hi much many people good god, I come with the same question I always wonder how to build a catch-all I asked the same question on the list dovecot http://www.mail-archive.com/postfix-users@postfix.org/msg22963.html after discussion, it appears that the work of a local delivery agent could not have catch-all the mailing list are to share knowledge ps : god bless all them its my proper thinks http://minilien.fr/a0lhww Original Message Subject: Re: [Dovecot] catch-all not working with postfix dovecot lda Date: Fri, 16 Apr 2010 12:39:24 +1000 From: Noel Butler noel.but...@ausics.net To: Dovecot Mailing List dove...@dovecot.org On Fri, 2010-04-16 at 03:50 +0200, fakessh wrote: On Fri, 16 Apr 2010 01:53:32 +0200, Pascal Volk user+dove...@localhost.localdomain.org wrote: On 04/16/2010 01:18 AM fakessh wrote: how to build a catch-all with dovecot lda the question then. is not a postfix issue Still a Postfix issue. Dovecot doesn't know anything about 'spammy catch all accounts'. Your MTA has to expand the the catch all address to an address which is known by Dovecot. Regards, Pascal could very well via a parameter in dovecot.conf accept unknown users. a small patch a small patch party thanks for advise This is *NOT* the job of dovecot (or ANY delivery agent), it is the job of your MTA, in your ,case postfix, please keep to the postfix list on this question as that is where the issue is.
Re: catch-all not working with postfix dovecot lda
On Sat, 17 Apr 2010 14:26:22 +0200, mouss mo...@ml.netoyen.net wrote: fakessh a écrit : On Thu, 15 Apr 2010 08:33:43 -0500, Noel Jones njo...@megan.vbhcs.org wrote: On 4/14/2010 3:42 PM, fakessh wrote: On Wed, 14 Apr 2010 13:50:34 -0500, Noel Jonesnjo...@megan.vbhcs.org wrote: On 4/14/2010 1:45 PM, fakessh wrote: On Wed, 14 Apr 2010 14:12:25 -0400, Charles Marcus cmar...@media-brokers.com wrote: I changed the entries @fakessh to r...@localhost in /etc/postfix/virtual postmap then a file to the postfix restart. all without success, or rather the same mistake [snip] my jed /etc/postfix/virtual # # AUTHOR(S) #Wietse Venema #IBM T.J. Watson Research #P.O. Box 704 #Yorktown Heights, NY 10598, USA # # VIRTUAL(5$ postmas...@fakessh.eu r...@localhost.r13151.ovh.net fake...@fakessh.eu fake...@localhost.r13151.ovh.net webm...@fakessh.eu webm...@localhost.r13151.ovh.net se...@fakessh.eu se...@localhost.r13151.ovh.net @fakessh r...@localhost.r13151.ovh.net fakessh != fakessh.eu. you want: @fakessh.eu r...@localhost.r13151.ovh.net I have but it does not work hi wieste is the girl [snip]
Re: catch-all not working with postfix dovecot lda
On Sat, 17 Apr 2010 17:16:04 +0200, mouss mo...@ml.netoyen.net wrote: fakessh a écrit : On Sat, 17 Apr 2010 14:26:22 +0200, mouss mo...@ml.netoyen.net wrote: fakessh a écrit : On Thu, 15 Apr 2010 08:33:43 -0500, Noel Jones njo...@megan.vbhcs.org wrote: On 4/14/2010 3:42 PM, fakessh wrote: On Wed, 14 Apr 2010 13:50:34 -0500, Noel Jonesnjo...@megan.vbhcs.org wrote: On 4/14/2010 1:45 PM, fakessh wrote: On Wed, 14 Apr 2010 14:12:25 -0400, Charles Marcus cmar...@media-brokers.com wrote: I changed the entries @fakessh to r...@localhost in /etc/postfix/virtual postmap then a file to the postfix restart. all without success, or rather the same mistake [snip] my jed /etc/postfix/virtual # # AUTHOR(S) #Wietse Venema #IBM T.J. Watson Research #P.O. Box 704 #Yorktown Heights, NY 10598, USA # # VIRTUAL(5$ postmas...@fakessh.eu r...@localhost.r13151.ovh.net fake...@fakessh.eu fake...@localhost.r13151.ovh.net webm...@fakessh.eu webm...@localhost.r13151.ovh.net se...@fakessh.eu se...@localhost.r13151.ovh.net @fakessh r...@localhost.r13151.ovh.net fakessh != fakessh.eu. you want: @fakessh.eu r...@localhost.r13151.ovh.net I have but it does not work it is not in the file you showed. please show the output of postmap -q @fakessh.eu hash:/etc/postfix/virtual to show my output : thanks mouss [r...@r13151 ~]# postmap -q @fakessh.eu hash:/etc/postfix/virtual [r...@r13151 ~]# postmap -q @renelacroute.fr hash:/etc/postfix/virtual [r...@r13151 ~]# postmap -q @fakessh.eu hash:/etc/postfix/virtual [r...@r13151 ~]# postmap /etc/postfix/virtual plus postfix restart log to my error Apr 17 17:27:02 r13151 postfix/tlsmgr[24186]: open smtp TLS cache btree:/var/lib/postfix/smtp_tls_session_cache Apr 17 17:27:02 r13151 postfix/tlsmgr[24186]: tlsmgr_cache_run_event: start TLS smtp session cache cleanup Apr 17 17:27:02 r13151 postfix/smtpd[24185]: connect from smtp28.orange.fr[80.12.242.101] Apr 17 17:27:02 r13151 postfix/cleanup[24224]: BF607241BC1: message-id=20100417152702.bf607241...@r13151.ovh.net Apr 17 17:27:03 r13151 postfix/qmgr[24177]: BF607241BC1: from=n...@r13151.ovh.net, size=254, nrcpt=1 (queue active) Apr 17 17:27:03 r13151 postfix/error[24225]: BF607241BC1: to=n...@fakessh.eu, relay=none, delay=0.66, delays=0.46/0.21/0/0, dsn=5.0.0, status=undeliverable (User unknown in virtual alias table) Apr 17 17:27:03 r13151 postfix/qmgr[24177]: BF607241BC1: removed Apr 17 17:27:05 r13151 postfix/smtpd[24185]: NOQUEUE: reject: RCPT from smtp28.orange.fr[80.12.242.101]: 450 4.1.1 n...@fakessh.eu: Recipient address rejected: undeliverable address: User unknown in virtual alias table; from=john.swilt...@wanadoo.fr to=n...@fakessh.eu proto=ESMTP helo=smtp28.orange.fr Apr 17 17:27:05 r13151 postfix/smtpd[24185]: disconnect from smtp28.orange.fr[80.12.242.101] after you gather that output, do a new test. [snip]
Re: catch-all not working with postfix dovecot lda
On Sat, 17 Apr 2010 17:29:04 +0200, fakessh fake...@fakessh.eu wrote: On Sat, 17 Apr 2010 17:16:04 +0200, mouss mo...@ml.netoyen.net wrote: fakessh a écrit : On Sat, 17 Apr 2010 14:26:22 +0200, mouss mo...@ml.netoyen.net wrote: fakessh a écrit : On Thu, 15 Apr 2010 08:33:43 -0500, Noel Jones njo...@megan.vbhcs.org wrote: On 4/14/2010 3:42 PM, fakessh wrote: On Wed, 14 Apr 2010 13:50:34 -0500, Noel Jonesnjo...@megan.vbhcs.org wrote: On 4/14/2010 1:45 PM, fakessh wrote: On Wed, 14 Apr 2010 14:12:25 -0400, Charles Marcus cmar...@media-brokers.com wrote: I changed the entries @fakessh to r...@localhost in /etc/postfix/virtual postmap then a file to the postfix restart. all without success, or rather the same mistake [snip] my jed /etc/postfix/virtual # # AUTHOR(S) #Wietse Venema #IBM T.J. Watson Research #P.O. Box 704 #Yorktown Heights, NY 10598, USA # # VIRTUAL(5$ postmas...@fakessh.eu r...@localhost.r13151.ovh.net fake...@fakessh.eu fake...@localhost.r13151.ovh.net webm...@fakessh.eu webm...@localhost.r13151.ovh.net se...@fakessh.eu se...@localhost.r13151.ovh.net @fakessh r...@localhost.r13151.ovh.net fakessh != fakessh.eu. you want: @fakessh.eur...@localhost.r13151.ovh.net I have to redo the manipulations. and it works /etc/postfix/virtual # VIRTUAL(5$ postmas...@fakessh.eu r...@localhost.r13151.ovh.net fake...@fakessh.eu fake...@localhost.r13151.ovh.net,r...@localhost.r13151.o$ webm...@fakessh.eu webm...@localhost.r13151.ovh.net,r...@localhost.r13151.o$ se...@fakessh.eu se...@localhost.r13151.ovh.net,r...@localhost.r13151.ovh$ ab...@fakessh.eu r...@localhost.r13151.ovh.net postmas...@fakessh r...@localhost.r13151.ovh.net renelacro...@renelacroute.fr renelacro...@localhost.r13151.ovh.net,r...@localho$ postmas...@renelacroute.fr r...@localhost.r13151.ovh.net nicolaspic...@nicolaspichot.fr nicolaspic...@localhost.r13151.ovh.net,r...@lo$ ab...@nicolaspichot.fr r...@localhost.r13151.ovh.net postmas...@nicolaspichot.fr r...@localhost.r13151.ovh.net i...@fakessh.eu r...@localhost.r13151.ovh.net ca...@fakessh.eu r...@localhost.r13151.ovh.net r...@fakessh.eu r...@localhost.r13151.ovh.net f...@fakessh.eu r...@localhost.r13151.ovh.net @fakessh.eur...@localhost.r13151.ovh.net @renelacroute.fr r...@localhost.r13151.ovh.net @nicolaspichot.fr r...@localhost.r13151.ovh.net [r...@r13151 ~]# dovecot -n # 1.2.11: /etc/dovecot.conf # OS: Linux 2.6.24.5-grsec--grs-ipv4-32 i686 CentOS release 5.4 (Final) base_dir: /var/run/dovecot/ log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps pop3 pop3s managesieve listen(default): [::] listen(imap): [::] listen(pop3): [::] listen(managesieve): *:2000 ssl_listen(default): *:993 ssl_listen(imap): *:993 ssl_listen(pop3): *:995 ssl_listen(managesieve): ssl_ca_file: /etc/pki/tls/cert.csr.p12 ssl_cert_file: /etc/pki/tls/newcerts/01.pem ssl_key_file: /etc/pki/tls/private/r13151.ovh.net.key version_ignore: yes login_dir: /var/run/dovecot//login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login login_executable(managesieve): /usr/libexec/dovecot/managesieve-login mail_location: maildir:~/Maildir:INBOX=~/Maildir/.INBOX mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_executable(managesieve): /usr/libexec/dovecot/managesieve mail_plugins(default): autocreate mail_plugins(imap): autocreate mail_plugins(pop3): autocreate mail_plugins(managesieve): mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 mail_plugin_dir(managesieve): /usr/lib/dovecot/managesieve imap_client_workarounds(default): delay-newmail outlook-idle netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(imap): delay-newmail outlook-idle netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(pop3): imap_client_workarounds(managesieve): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_client_workarounds(managesieve): managesieve_logout_format(default): bytes=%i/%o managesieve_logout_format(imap): bytes=%i/%o managesieve_logout_format(pop3): bytes=%i/%o managesieve_logout_format(managesieve): bytes ( in=%i : out=%o ) lda: postmaster_address: postmas...@fakessh.eu hostname: r13151.ovh.net mail_plugins: cmusieve mail_plugin_dir
are you there a official version of centos postfix most days can be redhat
hello postfix network are you there a official version of centos postfix most days can be redhat this actual version is [r...@r13151 ~]# rpm -qa | grep postfix postfix-pflogsumm-2.3.3-2.1.el5_2 postfix-2.3.3-2.1.el5_2 This version is outdated and is no longer supported how to keep the upstream of centos
RE: are you there a official version of centos postfix most days can be redhat
On Fri, 21 May 2010 21:06:37 -0700, Gary Smith gary.sm...@holdstead.com wrote: hello postfix network are you there a official version of centos postfix most days can be redhat this actual version is [r...@r13151 ~]# rpm -qa | grep postfix postfix-pflogsumm-2.3.3-2.1.el5_2 postfix-2.3.3-2.1.el5_2 This version is outdated and is no longer supported how to keep the upstream of centos CentOS/RedHat will always be outdating as they try to stay with binary compatible. Personally, I compile my own RPM's. I'm sure there are some current ones out there if you look around. do you have any information on a future release redhat postfix I'm going to compile my rpm
hello postfix network : with dovecot deliver amavisd not work
hello all reader hello list hello postfix network since I've installed dovecot deliver. e-mails no longer pass through amavisd. amavisd no longer work. c is to say I have no anti-spam and anti virus my postconf and dovecot -n [r...@r13151 ~]# postconf -n alias_database = hash:/etc/aliases , hash:/etc/postfix/aliases alias_maps = hash:/etc/aliases , hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks.cf broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dkimproxy:[127.0.0.1]:10029 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_privs = nobody double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ in_flow_delay = 10 inet_interfaces = all local_recipient_maps = unix:passwd.byname $alias_maps mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 2048 mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname , localhost.$mydomain, r13151.ovh.net mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix queue_run_delay = 200s readme_directory = /usr/share/doc/postfix-2.5.4/README_FILES recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.5.4/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks,reject_unknown_reverse_client_hostname,reject_unauth_pipelining, reject_non_fqdn_recipient , permit smtpd_milters = inet:[127.0.0.1]:10040 smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces permit_sasl_authenticated reject_unverified_recipient reject_non_fqdn_sender reject_non_fqdn_recipient reject_unknown_sender_domain reject_unknown_recipient_domain reject_unknown_reverse_client_hostname reject_unauth_destination reject_unauth_pipelining reject_rbl_client zen.spamhaus.org reject_sender_login_mismatch check_policy_service unix:postgrey/socket check_sender_access hash:/etc/postfix/check_backscatterer check_sender_access hash:/etc/postfix/check_spamcannibal check_policy_service unix:private/spfpolicy reject_rhsbl_sender dbl.spamhaus.org reject_rbl_client bl.spamcop.net reject_rbl_client cbl.abuseat.org reject_rbl_client b.barracudacentral.org check_client_access hash:/etc/postfix/whitelist reject_rhsbl_helo dbl.spamhaus.org reject_rhsbl_client dbl.spamhaus.org reject_unknown_helo_hostname reject_invalid_helo_hostname reject_non_fqdn_helo_hostname check_client_access pcre:/etc/postfix/ptr-tld.pcre check_client_access cidr:/etc/postfix/sinokorea.cidr check_client_access cidr:/etc/postfix/taiwancidr.cidr check_client_access regexp:/etc/postfix/blacklist_clients check_client_access cidr:/etc/postfix/asian-ip.cidr reject_rbl_client relays.orbs.org reject_rbl_client in.dnsbl.org smtpd_reject_unlisted_sender = no smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/pki/tls/certs/class3.crt smtpd_tls_ask_ccert = yes smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/pki/tls/certs/r13151.ovh.net.crt smtpd_tls_key_file = /etc/pki/tls/private/r13151.ovh.net.key smtpd_tls_received_header = yes smtpd_tls_req_ccert = no smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache smtpd_use_tls = yes soft_bounce = no tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 virtual_alias_domains = renelacroute.fr , nicolaspichot.fr , fakessh.eu virtual_alias_maps = hash:/etc/postfix/virtual virtual_transport = dovecot [r...@r13151 ~]# dovecot -n # 1.2.11: /etc/dovecot.conf # OS: Linux 2.6.24.5-grsec--grs-ipv4-32 i686 CentOS release 5.5 (Final) base_dir: /var/run/dovecot/ log_path: /var/log/maillog log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps pop3 pop3s managesieve listen(default): [::] listen(imap): [::] listen(pop3): [::] listen(managesieve): *:2000 ssl_listen(default): *:993 ssl_listen(imap): *:993 ssl_listen(pop3): *:995 ssl_listen(managesieve): ssl_ca_file: /etc/pki/tls/certs/root.crt ssl_cert_file: /etc/pki/tls/certs/r13151.ovh.net.crt ssl_key_file: /etc/pki/tls/private/r13151.ovh.net.key ssl_verify_client_cert: yes version_ignore: yes login_dir: /var/run/dovecot//login login_executable(default):
probleme with dk dkim and dlv for miltiple domain
hello all hello postfix network hello centos network I am having problems with my dk and dkim signature of my emails I have successfully made the process of verification of signatures dnssec all my domains are correct and good displays on dlv.isc.org the reason for my problem just the reason that I have updated my postfix and I have recreated a pair of keys with openssl for dkimproxy the reason for my questions one of my domains. in .fr: after validation of signatures by isc dk dkim said OK Other areas domains ( other .fr and other .eu ) after validation of signatures by isc dk dkim said bad that happens I do not understand thanks for advice thanks for help
Re: Postini, Has bad idea for adding ip numbers. This is sendmail example
postini give access telnet postini 25 mail from:herc...@hercule.eu rcpt to:youareinh...@youareinhome.fr data some date . emails is correctly delivred its synonymy to open relay
wieste is a women . when do you
hello wieste is a women . when do you its my real @ i respond a you post duplicate in french please
Re: wieste is a women . when do you
On Mon, 21 Jun 2010 00:41:21 +0200, fakessh fake...@fakessh.eu wrote: hello wieste is a women . when do you its my real @ i respond a you post duplicate in french please http://www.google.fr/search?q=wieste+is+a+womanhl=frclient=safarirls=enei=Z44fTL76NMeS4gbxxZWWDgstart=50sa=N http://www.textfiles.com/magazines/PHRACK/PHRACK52
trouble on my rules check_client_access hash:/etc/postf ix/acces_client
hello ladies and gents I do not know if I am in error or in the real i a file check_client_access hash:/etc/postfix/acces_client cat /etc/postfix/acces_client mx3.mail2000.com.tw REJECT mx2.mail2000.com.tw REJECT mx2.mail.tw.yahoo.com REJECT I forbid the property to ndd that connect to my gateway i refuse the access to ndd and I do not understand I have always log that are generated by syslogd example (piece of logwatch) Relaying denied: From 114-45-50-88.dynamic.hinet.net[114.45.50.88] to gk49f...@yahoo.com.tw : 1 Time(s) From 114-45-53-25.dynamic.hinet.net[114.45.53.25] to gk49f...@yahoo.com.tw : 1 Time(s) From 114-45-54-214.dynamic.hinet.net[114.45.54.214] to gk49f...@yahoo.com.tw : 1 Time(s) discarding EHLO keywords: 8BITMIME STARTTLS discarding EHLO keywords: 8BITMIME STARTTLS 1F68858046: to=s2...@mail2000.com.tw, relay=mx2.mail2000.com.tw[203.69.82.34]:25, delay=1.7, delays=0.23/0.01/1.2/0.29, dsn=2.0.0, status=deliverable (250 Recipient s2...@mail2000.com.tw OK) discarding EHLO keywords: 8BITMIME STARTTLS discarding EHLO keywords: 8BITMIME STARTTLS that happens I should not have any log , logically thanks for your responce thanks for advice nb : in our previous conserne problems. I'm glad I love everyone and gods bless us every day
Re: trouble on my rules check_client_access hash:/etc/p ostfix/acces_client
On Thu, 24 Jun 2010 10:09:35 +0200, fakessh fake...@fakessh.eu wrote: hello ladies and gents I do not know if I am in error or in the real i a file check_client_access hash:/etc/postfix/acces_client cat /etc/postfix/acces_client mx3.mail2000.com.tw REJECT mx2.mail2000.com.tw REJECT mx2.mail.tw.yahoo.com REJECT I forbid the property to ndd that connect to my gateway i refuse the access to ndd and I do not understand I have always log that are generated by syslogd example (piece of logwatch) Relaying denied: From 114-45-50-88.dynamic.hinet.net[114.45.50.88] to gk49f...@yahoo.com.tw : 1 Time(s) From 114-45-53-25.dynamic.hinet.net[114.45.53.25] to gk49f...@yahoo.com.tw : 1 Time(s) From 114-45-54-214.dynamic.hinet.net[114.45.54.214] to gk49f...@yahoo.com.tw : 1 Time(s) discarding EHLO keywords: 8BITMIME STARTTLS discarding EHLO keywords: 8BITMIME STARTTLS 1F68858046: to=s2...@mail2000.com.tw, relay=mx2.mail2000.com.tw[203.69.82.34]:25, delay=1.7, delays=0.23/0.01/1.2/0.29, dsn=2.0.0, status=deliverable (250 Recipient s2...@mail2000.com.tw OK) discarding EHLO keywords: 8BITMIME STARTTLS discarding EHLO keywords: 8BITMIME STARTTLS that happens I should not have any log , logically thanks for your responce thanks for advice nb : in our previous conserne problems. I'm glad I love everyone and gods bless us every day this was a misconfiguration between check_client_access and check_sender_acces http://old.nabble.com/Blocking-a-domain-and-user-td22338705.html#a22339092
Re: trouble on my rules check_client_access hash:/etc/p ostfix/acces_client
On Thu, 24 Jun 2010 11:03:18 +0200, fakessh fake...@fakessh.eu wrote: On Thu, 24 Jun 2010 10:09:35 +0200, fakessh fake...@fakessh.eu wrote: hello ladies and gents I do not know if I am in error or in the real i a file check_client_access hash:/etc/postfix/acces_client cat /etc/postfix/acces_client mx3.mail2000.com.tw REJECT mx2.mail2000.com.tw REJECT mx2.mail.tw.yahoo.com REJECT I forbid the property to ndd that connect to my gateway i refuse the access to ndd and I do not understand I have always log that are generated by syslogd example (piece of logwatch) Relaying denied: From 114-45-50-88.dynamic.hinet.net[114.45.50.88] to gk49f...@yahoo.com.tw : 1 Time(s) From 114-45-53-25.dynamic.hinet.net[114.45.53.25] to gk49f...@yahoo.com.tw : 1 Time(s) From 114-45-54-214.dynamic.hinet.net[114.45.54.214] to gk49f...@yahoo.com.tw : 1 Time(s) discarding EHLO keywords: 8BITMIME STARTTLS discarding EHLO keywords: 8BITMIME STARTTLS 1F68858046: to=s2...@mail2000.com.tw, relay=mx2.mail2000.com.tw[203.69.82.34]:25, delay=1.7, delays=0.23/0.01/1.2/0.29, dsn=2.0.0, status=deliverable (250 Recipient s2...@mail2000.com.tw OK) discarding EHLO keywords: 8BITMIME STARTTLS discarding EHLO keywords: 8BITMIME STARTTLS that happens I should not have any log , logically thanks for your responce thanks for advice nb : in our previous conserne problems. I'm glad I love everyone and gods bless us every day this was a misconfiguration between check_client_access and check_sender_acces http://old.nabble.com/Blocking-a-domain-and-user-td22338705.html#a22339092 its that too http://old.nabble.com/Stopping-backscatter-with-before-queue-td20902385i20.html#a21003570
Re: OT: sid-milter package
On Fri, 25 Jun 2010 23:39:18 +0200, mouss mo...@ml.netoyen.net wrote: Jorge Andrea G Carminati a écrit : Hi all! I'm trying to implement sid-milter with Postfix 2.7, but am having some problems while trying to compile release 1.0 under RHEL 5.5 (x86_64) as shown below, any ideas? you need to cotact the author of sid-milter or a corresponding forum/list. if you want my opinion: if it doesn't work as it is, forget about it... i recently compiled sid-milter into a rpm without signatures http://ns.fakessh.eu/sid-milter-1.0.0-1.el5.i386.rpm work well on my centos 5.5 .spec is in a this post for building the rpm http://lists.centos.org/pipermail/centos-fr/2009-December/000378.html [snip]
Re: How to drop the recipient address hostname when delivering mail via LMTP?
On Fri, 27 Aug 2010 12:22:59 -0400, Victor Duchovni victor.ducho...@morganstanley.com wrote: On Fri, Aug 27, 2010 at 10:58:37AM -0500, Noel Jones wrote: I think the problem is better solved in the delivery agent. If you're using the postfix LMTP client, this might work: http://www.postfix.org/postconf.5.html#lmtp_generic_maps /^(.*)@server\.example\.com$/$1 This will also mangle To: headers. Standard-compliant LMTP addresses are (as with SMTP) localp...@domain not localpart. So LMTP servers are expected to correctly map domains to mailboxes. It is best to no generate invalid LMTP, mangle the headers, ... I wonder What is the best solution to use dovecot lda for its use or complicate the config using lmtp dovecot whereas with a simple config we manage to walk amavisd what is it the best way many welcome are smile
misunderstanding of some connections
hi all hi folks hi wieste : the saincristain of postfix hi all the postfix network I consult regularly logs postfix I consult regularly logs postfix, and he appears regularly attempts to connect mx3.mail2000.com.tw and that is that I do not understand how it happens I have the following rules in my postfix config smtpd_recipient_restrictions check_client_access regexp:/etc/postfix/blacklist_clients ~]# cat /etc/postfix/blacklist_clients /\.dynamic\.hinet\.net$/REJECT UCE black-listed. /\.seed\.hinet\.net$/ REJECT UCE black-listed. /\.br\.hinet\.net$/ REJECT UCE black-listed. /\.ms1\.hinet\.net$/ REJECT UCE black-listed. /\mx3\.mail2000\.com\.tw$/ REJECT /\mx2\.mail2000\.com\.tw$/ REJECT /\mx2\.mail\.tw\.yahoo\.com$/ REJECT /\mx1\.mail\.tw\.yahoo\.com$/ REJECT /\.HINET-IP\.hinet\.net$/REJECT UCE black-listed. this may be a confusion between elementary smtpd_client_restrictions vs smtpd_recipient_restrictions many return are welcome Please take the time to explain well
force startssl on port 25
hi guru of postfix hi mouss and wieste hi all the users of ths list my question is simply is there a way to force startssl on port 25 or it is not a good method many returns are welcome
Re: force startssl on port 25
On Tue, 14 Sep 2010 13:17:56 -0400, Matt Hayes domin...@slackadelic.com wrote: On 9/14/2010 1:11 PM, fakessh wrote: hi guru of postfix hi mouss and wieste hi all the users of ths list my question is simply is there a way to force startssl on port 25 or it is not a good method many returns are welcome I don't recommend doing that as not all MTAs on the internet will be able to or want to do SSL from MTA to MTA. If you want to offer it, that's fine, but I wouldn't force it. thanks for your response no force it thanks merci en france -Matt
Re: force startssl on port 25
On Wed, 15 Sep 2010 23:53:03 +0200, mouss mo...@ml.netoyen.net wrote: Le 14/09/2010 19:11, fakessh a écrit : hi guru of postfix hi mouss and wieste hi all the users of ths list my question is simply is there a way to force startssl on port 25 or it is not a good method the short answer is no. you use port 25 to get mail from public senders. you can't force these users if you want mail from them. you can offer starttls and hope that the other side implements it. I'm finding that even spammers are using starttls, but I wouldn't ask a mailing list to use starttls when the messages are archived all over the web... thanks for you attention mouss the response is clear and simple a about i work on the lib MIME::Lite in perl my patch http://pastebin.com/kqUDxpwY i wonder what the email not send
Re: Please Help Me Secure My Mail Server
On Mon, 20 Sep 2010 15:56:35 -0500, Noel Jones njo...@megan.vbhcs.org wrote: On 9/20/2010 3:29 PM, bper wrote: Hello, I have set up a postfix-dovecot server with smtp-auth using sasl by following this link: https://help.ubuntu.com/10.04/serverguide/C/postfix.html It seems to be working OK. The only thing is that when I view my logs, I see a lot of 'relaying denied', 'noqueue reject', 'too many errors after rcpt', and 'disconnect' messages from a lot of unknown domain names and ip addresses. These are normal messages indicating that postfix is working correctly. I'm hoping that this means that the server is secure and doing its job bouncing mail from unauthorized requests. *** Is that true? quickie definitions: bounce - accept mail and return it to the (likely forged) sender. BAD. reject - unwanted mail is not accepted. Notification of legit senders is the responsibility of the sender's mail server. GOOD. Your postfix is apparently doing its job rejecting unwanted mail. For further analysis, show your postconf -n and unaltered log entries you don't understand. -- Noel Jones Even if it was true, it has to be slowing down the server receiving so many unauthorized requests. *** Is there a way to avoid this or is this just a function of life in the world of email spam? Would a spam filter like Spamassasin help this type of issue? Thanks! -:- good example of config are available sign my blog regards
Re: SPF and greylisting conditioning
Le dimanche 26 septembre 2010 22:38, mouss a écrit : Le 26/09/2010 12:08, Stan Hoeppner a écrit : Michal Bruncko put forth on 9/26/2010 4:24 AM: It is possible in some way to configure postfix, that SPF Passed mails will be automatically accepted with postfix without greylisting? If I may be blunt: this is a really dumb idea. Many, maybe all, snowshoe spammers have valid SPF records. Thus, accepting mail simply because the connecting IP passes SPF muster isn't a bright idea. some even use an indirect +all to trick filters... $ host -t txt takeprettypictures.net takeprettypictures.net descriptive text v=spf1 ip4:128.0.0.0/1 ip4:0.0.0.0/1 -all (so the first bit must be 0 or 1. since a bit is either 0 or 1...). do you like sendmail machine that adresse is unauthorized for me -- gpg --keyserver pgp.mit.edu --recv-key 092164A7 pgpRL1LwvCuSY.pgp Description: PGP signature
Re: SPF and greylisting conditioning
Le dimanche 26 septembre 2010 23:46, mouss a écrit : Le 26/09/2010 23:28, fakessh a écrit : Le dimanche 26 septembre 2010 22:38, mouss a écrit : Le 26/09/2010 12:08, Stan Hoeppner a écrit : Michal Bruncko put forth on 9/26/2010 4:24 AM: It is possible in some way to configure postfix, that SPF Passed mails will be automatically accepted with postfix without greylisting? If I may be blunt: this is a really dumb idea. Many, maybe all, snowshoe spammers have valid SPF records. Thus, accepting mail simply because the connecting IP passes SPF muster isn't a bright idea. some even use an indirect +all to trick filters... $ host -t txt takeprettypictures.net takeprettypictures.net descriptive text v=spf1 ip4:128.0.0.0/1 ip4:0.0.0.0/1 -all (so the first bit must be 0 or 1. since a bit is either 0 or 1...). do you like sendmail machine that adresse is unauthorized for me There's no address. the SPF record above specifies subnets with a /1 mask, the union of which is the whole IPv4 space. the evil for the spammeur the -all much have ?all -- gpg --keyserver pgp.mit.edu --recv-key 092164A7 pgpkehDaaHhCK.pgp Description: PGP signature
migration postfix vers latest release
hello postfix network hello wieste hello mouss hello all the reader of this list I wish to migrate postfix-2.5.4-1 to the latest version of postfix from rpm Official I desire to know the good manners to do I walk the couple clamd spamassassin postfix postgrey dovecot policyd sid-milter dkimproxy I wish to migrate while sweets following good habits -- gpg --keyserver pgp.mit.edu --recv-key 092164A7 pgp48dYKyPzIr.pgp Description: PGP signature
Re: rejecting clients greeting me with my own name
i hijacked the server with the null sender and the valid recipient the mail go home anonymous nb : hey madduck Le lundi 04 octobre 2010 à 20:44 +0200, martin f krafft a écrit : also sprach Charles Marcus cmar...@media-brokers.com [2010.10.04.2029 +0200]: Yes, with my IP. So your server is hacked? I am talking about the argument to HELO/EHLO. No, my server is not hacked. -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 signature.asc Description: Ceci est une partie de message numériquement signée
Re: Postfix not create Maildir
you must create them by hand or you have to use plugins dovecot and sieve anonymous Le vendredi 08 octobre 2010 à 19:11 -0300, Márcio Luciano Donada a écrit : I am configuring a server to read a basic ldap, everything is working wonders, but to deliver the e-mail, postfix is not creating the maildir of the user, delivering only a mailbox file, but note that the configuration that follows below, I have the directive home_mailbox = Maildir/. I'm using version 2.6 on FreeBSD 8.2 body_checks = pcre:/usr/local/etc/postfix/maps/body_checks body_checks_size_limit = 51200 broken_sasl_auth_clients = yes command_directory = /usr/local/sbin config_directory = /usr/local/etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /usr/local/libexec/postfix data_directory = /var/db/postfix debug_peer_level = 2 default_destination_concurrency_limit = 20 default_process_limit = 100 header_checks = pcre:/usr/local/etc/postfix/maps/header_checks home_mailbox = Maildir/ html_directory = /usr/local/share/doc/postfix local_destination_concurrency_limit = 2 local_recipient_maps = $virtual_mailbox_maps local_transport = virtual mail_owner = postfix mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man message_size_limit = 10485760 mydestination = $myhostname, localhost.$mydomain, mx.$mydomain, $mydomain mydomain = domain.com.br myhostname = bt.domain.com.br mynetworks = 127.0.0.0/8 myorigin = $mydomain newaliases_path = /usr/local/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/local/share/doc/postfix recipient_delimiter = + sample_directory = /usr/local/etc/postfix sendmail_path = /usr/local/sbin/sendmail smtp_tls_note_starttls_offer = yes smtp_use_tls = yes smtpd_banner = $myhostname ESMTP smtpd_data_restrictions = reject_unauth_pipelining smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, reject_invalid_hostname,permit_sasl_authenticated, permit_mynetworks, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client zen.spamhaus.org, reject_unauth_destination,permit smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = check_client_access hash:/usr/local/etc/postfix/maps/sender_access, check_sender_access hash:/usr/local/etc/postfix/monitoramento/acl_sender, permit_sasl_authenticated, check_sender_access hash:/usr/local/etc/postfix/maps/sender, reject_sender_login_mismatch, reject_unlisted_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_destination,warn_if_reject, permit smtpd_tls_CAfile = /usr/local/etc/postfix/certificado/cacert.pem smtpd_tls_cert_file = /usr/local/etc/postfix/certificado/smtpd.crt smtpd_tls_key_file = /usr/local/etc/postfix/certificado/smtpd.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes soft_bounce = no tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 virtual_gid_maps = static:1002 virtual_mailbox_base = /home/vmail virtual_mailbox_limit = 1 virtual_mailbox_limit_inbox = yes virtual_mailbox_limit_maps = ldap:mailquota virtual_mailbox_limit_override = yes virtual_mailbox_maps = ldap:mailboxmaps virtual_maildir_extended = yes virtual_maildir_limit_message = Aviso de Quota Excedida! virtual_overquota_bounce = yes virtual_uid_maps = static:1002 -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 signature.asc Description: Ceci est une partie de message numériquement signée
Re: [OFF-TOPIC] Does 2.7 RPM Work on RHEL 6?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Le 11.11.2010 22:10, Voytek Eymont a écrit : On Fri, November 12, 2010 6:16 am, Carlos Mennens wrote: On Thu, Nov 11, 2010 at 2:07 PM, Victor Duchovni victor.ducho...@morganstanley.com wrote: This would be no problem except I've never attempted this before and just did some searching on the web for tutorials I can follow since I don't have any experience and honestly I couldn't find much. Does anyone know that level of difficultly involved from turning SRPM's into a RPM file I can use / distribute to others? I have the time and dedication but lack the experience and knowledge. Carlos, on a couple (if not more) occasions, I've used Simon's SRPMs to make RPMs with my desired options (that were not in Simon's default), using info on Simon's site, it was proverbially eezy, peezy so, the level is easy if not easier, documentation provided is excellent, you should be able to follow up each step 'just like that' i am empaqueted simom mudd rpm's for many compliance with rhel and centos i use with many succes in my host the adresse http://ns.fakessh.eu/postfix-2.7.1-1.pcre.pgsql.mysql.sasl2.dovecot.vda.rhel5.src.rpm http://ns.fakessh.eu/postfix-2.7.1-1.pcre.pgsql.mysql.sasl2.dovecot.vda.rhel5.i386.rpm - -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org/ iD8DBQFM3IiKtXI/OwkhZKcRAmKAAJ9J4ZOlhk9XYlshGhScL9RPKtkxyQCffgSH uS+Q0K3ugfskIturOxsLC3o= =Q3mH -END PGP SIGNATURE-
Re: Upgrade version 2.5.5 to 2.7.1
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Le 01.12.2010 21:49, Stan Hoeppner a écrit : Bruno Costacurta put forth on 12/1/2010 2:19 PM: Hello, I intend to upgrade Postfix version 2.5.5 to 2.7.1. Are there incompatibilities or specific path for upgrade ? Or any manual re-configuration to be done ? I performed this exact backports upgrade about a week ago. As far as I recall, no manual master.cf or main.cf changes were *required* although I did make some manual changes due the the following becoming available: check_reverse_client_hostname_access The only issue I've come across is that logwatch doesn't recognize Postfix log stamps containing 2.7.1, which is no big deal. The 2.7.1 backport is running perfectly here so far. and how to apply this option too I do not use check_reverse_client_hostname_access - -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iD8DBQFM9raUtXI/OwkhZKcRAgsgAJ9fqw76IshgD0z6+oZpDh+r8GtFUQCcDPG5 jodLx1K+3Puqx8dsVwa9Z3A= =6LOs -END PGP SIGNATURE-
Re: My unqualified host name (servername) unknown; sleeping for retry
Le jeudi 10 novembre 2011 09:30, Ian a écrit : i do you stop the daemon sendmail with the standard script systeme and start postfix daemon or use the toolkit to your system configuration if you use centos or redhat: stop sendmail: service sendmail stop remove sendmail from system rpm -e sendmail start postfix service postfix start in future please send postfix related messages to the list if you're a list member :) if you use related software for configuration system centos redhat install the package system-config\* and run system-switch-mail-nox -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 http://urlshort.eu fakessh @ pgpf1R4y9nfK0.pgp Description: PGP signature
problem with dspam
hello list hello geek hello guru hello Fu I have done tests on my smtp server used to dspam. after problems of housing road I realized that dspam removes Return-Path header my emails are then intercepted as spam. I have not found a solution to my problem please help me i use a latest stable postfix release with other tools sincerely your -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 http://urlshort.eu fakessh @ http://gplus.to/sshfake http://gplus.to/sshswilting http://gplus.to/john.swilting pgpCgw5pKqlj6.pgp Description: PGP signature
Re: problem with dspam
Le jeudi 22 décembre 2011 22:19, Andreas Berton a écrit : On Tue, 20 Dec 2011, fakessh @ wrote: hello list hello geek hello guru hello Fu I have done tests on my smtp server used to dspam. after problems of housing road I realized that dspam removes Return-Path header my emails are then intercepted as spam. I have not found a solution to my problem please help me i use a latest stable postfix release with other tools sincerely your -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 http://urlshort.eu fakessh @ http://gplus.to/sshfake http://gplus.to/sshswilting http://gplus.to/john.swilting Hi Problem usually occur when you run dspam from pipe, and my guess is that you do so. Consider switch to daemon mode/lmtp whish in many cases solv the problem, However if need to run from command line you might try this. dspam unix - n n - 10 pipe flags=Ru user=dspam argv=/usr/bin/dspam --client --deliver=spam,innocent --user $user --mail-from=$sender --rcpt-to $recipient -o destination_recipient_limit=1 good luck Andreas I was not able to configure DSPAM with content_filter using lmtp: the only connection that I've managed to do that is a pipe as described in the man page of dspam how to do manage the connection of dspam with multiple content_filter and lmtp my many test did not allow me to find a solution all etstimonials are welcome -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 http://urlshort.eu fakessh @ http://gplus.to/sshfake http://gplus.to/sshswilting http://gplus.to/john.swilting pgpXOWHPkh9yu.pgp Description: PGP signature
Re: problem with dspam
Le dimanche 25 décembre 2011 06:06, fakessh @ a écrit : Le jeudi 22 décembre 2011 22:19, Andreas Berton a écrit : On Tue, 20 Dec 2011, fakessh @ wrote: hello list hello geek hello guru hello Fu Hi Problem usually occur when you run dspam from pipe, and my guess is that you do so. Consider switch to daemon mode/lmtp whish in many cases solv the problem, However if need to run from command line you might try this. dspam unix - n n - 10 pipe flags=Ru user=dspam argv=/usr/bin/dspam --client --deliver=spam,innocent --user $user --mail-from=$sender --rcpt-to $recipient -o destination_recipient_limit=1 good luck Andreas I was not able to configure DSPAM with content_filter using lmtp: the only connection that I've managed to do that is a pipe as described in the man page of dspam how to do manage the connection of dspam with multiple content_filter and lmtp my many test did not allow me to find a solution all etstimonials are welcome i reread the doc and i succes manage connection to dspam with lmtp i configured multiple content filter i quote my example # service for accepting messages FROM the DKIM signing proxy 127.0.0.1:10030 inet n - n - 10 smtpd -o content_filter=lmtp:unix:/var/run/dspam/dspam.sock -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_helo_restrictions= -o smtpd_client_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o smtpd_authorized_xforward_hosts=127.0.0.0/8 dspam unix n - n - - lmtp #-o lmtp_data_done_timeout=1200 #-o lmtp_send_xforward_command=yes #-o disable_dns_lookups=yes #-o max_use=20 127.0.0.1:10037 inet n - n - -smtpd -o content_filter= -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_helo_restrictions= -o smtpd_client_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o smtpd_authorized_xforward_hosts=127.0.0.0/8 that sample it is correct ? all testimonials are welcome -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 http://urlshort.eu fakessh @ http://gplus.to/sshfake http://gplus.to/sshswilting http://gplus.to/john.swilting pgpVbefzhMbsB.pgp Description: PGP signature !DSPAM:4ef6b65d153121403852998!
Re: Compile error
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Le 15.12.2010 19:22, Eero Volotinen a écrit : 2010/12/15 M. Rodrigo Monteiro fale...@rodrigomonteiro.net: Hi! I'm tryind to compile Postfix with Dovecot support. Why? Can't you just take precompiled binary? -- Eero i try with succes compiled postfix with dovecot sasl http://ns.fakessh.eu/postfix-2.7.2-1.pcre.pgsql.mysql.sasl2.dovecot.vda.rhel5.src.rpm http://ns.fakessh.eu/ postfix-2.7.2-1.pcre.pgsql.mysql.sasl2.dovecot.vda.rhel5.i386.rpm that its based on the rpm simon mudd with standard option consult the doumentation on building rpm - -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iD8DBQFNCQi5tXI/OwkhZKcRAgOoAJ0S0KXrqxQfZdFBZHJxsI/JSc7UOACeNPAn iTsXOg9ddOMYD/BLHgVNobw= =4vAC -END PGP SIGNATURE-
Re: How not to reject invalid recipient domains (here: aol.com)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Le 21.12.2010 10:01, Wolfgang Zeikat a écrit : Hi, apparently, aol.com is currently not resolved via DNS (at least in Germany). How can I have postfix queue mails to AOL and retry delivery in that case instead of bouncing the mails? Regards, wolfgang basic security and well in my opinion the reason for the problem that - -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iD8DBQFNEOmbtXI/OwkhZKcRAh19AJ9uG9Bc+iooVtvSo1NLZCWUL14JiQCdE2bQ 5JBa6KsczCNf7P8MEBLeYJk= =ZGso -END PGP SIGNATURE-
probleme ipv6
Hello postfix network. I encounter problems in configuring ipv6. I documented on the page but I don http://www.postfix.org/IPV6_README.html happens not connect in ipv6 on my mail server. My ISP does not support ipv6 I found the error in the ipv6 by visiting http://dnscheck.iis.se/ he tells me a difficulty connecting ipv6 on my mail server. I possess a slice ipv6 2001:41 D0: DD6 2:3:: / 64 is my postconf- n to every detail of my config ~]# postconf -n alias_database = hash:/etc/aliases , hash:/etc/postfix/aliases alias_maps = hash:/etc/aliases , hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks.cf broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dkimproxy:[127.0.0.1]:10029 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_privs = nobody double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix-2.7.2-documentation/html in_flow_delay = 10 inet_interfaces = all inet_protocols = all local_recipient_maps = unix:passwd.byname $alias_maps mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 2048 milter_protocol = 6 mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname , localhost.$mydomain, r13151.ovh.net mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 , [::1]/128 , [2001:41D0:2:3Dd6::]/64 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix parent_domain_matches_subdomains = queue_directory = /var/spool/postfix queue_run_delay = 200s readme_directory = /usr/share/doc/postfix-2.7.2-documentation/readme recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.5.4/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks reject_unknown_reverse_client_hostname reject_unauth_pipelining reject_non_fqdn_recipient check_client_access cidr:/etc/postfix/koreacidr.cidr check_client_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_sender_access hash:/etc/postfix/access_client check_sender_access hash:/etc/postfix/access_host check_recipient_access hash:/etc/postfix/access_client check_recipient_access hash:/etc/postfix/access_host check_client_access cidr:/etc/postfix/perso_cidr.cidr check_recipient_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_client_access pcre:/etc/postfix/ptr-tld.pcre check_client_access cidr:/etc/postfix/sinokorea.cidr check_client_access cidr:/etc/postfix/taiwancidr.cidr check_client_access regexp:/etc/postfix/blacklist_clients check_client_access cidr:/etc/postfix/asian-ip.cidr reject_rbl_client relays.orbs.org check_client_access cidr:/etc/postfix/taiwanipblocksreject.cidr check_client_access cidr:/etc/postfix/IN_cidr.cidr check_client_access cidr:/etc/postfix/BR_cidr.cidr check_client_access cidr:/etc/postfix/CN_cidr.cidr check_client_access cidr:/etc/postfix/UA_cidr.cidr check_client_access cidr:/etc/postfix/TR_cidr.cidr check_client_access cidr:/etc/postfix/VE_cidr.cidr check_client_access cidr:/etc/postfix/VN_cidr.cidr permit smtpd_helo_restrictions = permit_mynetworks check_helo_access cidr:/etc/postfix/koreacidr.cidr check_helo_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access pcre:/etc/postfix/ptr-tld.pcre check_helo_access cidr:/etc/postfix/sinokorea.cidr check_helo_access cidr:/etc/postfix/taiwancidr.cidr check_helo_access regexp:/etc/postfix/blacklist_clients check_helo_access cidr:/etc/postfix/asian-ip.cidr check_helo_access cidr:/etc/postfix/taiwanipblocksreject.cidr check_helo_access cidr:/etc/postfix/IN_cidr.cidr check_helo_access cidr:/etc/postfix/BR_cidr.cidr check_helo_access cidr:/etc/postfix/CN_cidr.cidr check_helo_access cidr:/etc/postfix/UA_cidr.cidr check_helo_access cidr:/etc/postfix/TR_cidr.cidr check_helo_access cidr:/etc/postfix/VE_cidr.cidr check_helo_access cidr:/etc/postfix/VN_cidr.cidr reject_unauth_pipelining
Re: probleme ipv6
Hello postfix network. I found the error in the ipv6 by visiting http://dnscheck.iis.se/ he tells me a difficulty connecting ipv6 address postmas...@fakessh.eu check my network with http;//dnscheck.iis.se many returns are welcome Le jeudi 20 janvier 2011 à 19:20 -0500, Steven King a écrit : -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 What is the error that you received? If your ISP does not support IPv6 you will not be able to use IPv6 connectivity unless you have a PoP tunnel or some other type of IPv4-to-IPv6 tunnel going on. On 1/20/11 6:50 PM, fakessh @ wrote: Hello postfix network. I encounter problems in configuring ipv6. I documented on the page but I don http://www.postfix.org/IPV6_README.html happens not connect in ipv6 on my mail server. My ISP does not support ipv6 I found the error in the ipv6 by visiting http://dnscheck.iis.se/ he tells me a difficulty connecting ipv6 on my mail server. I possess a slice ipv6 2001:41 D0: DD6 2:3:: / 64 is my postconf- n to every detail of my config ~]# postconf -n alias_database = hash:/etc/aliases , hash:/etc/postfix/aliases alias_maps = hash:/etc/aliases , hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks.cf broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dkimproxy:[127.0.0.1]:10029 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_privs = nobody double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix-2.7.2-documentation/html in_flow_delay = 10 inet_interfaces = all inet_protocols = all local_recipient_maps = unix:passwd.byname $alias_maps mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 2048 milter_protocol = 6 mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname , localhost.$mydomain, r13151.ovh.net mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 , [::1]/128 , [2001:41D0:2:3Dd6::]/64 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix parent_domain_matches_subdomains = queue_directory = /var/spool/postfix queue_run_delay = 200s readme_directory = /usr/share/doc/postfix-2.7.2-documentation/readme recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.5.4/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks reject_unknown_reverse_client_hostname reject_unauth_pipelining reject_non_fqdn_recipient check_client_access cidr:/etc/postfix/koreacidr.cidr check_client_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_sender_access hash:/etc/postfix/access_client check_sender_access hash:/etc/postfix/access_host check_recipient_access hash:/etc/postfix/access_client check_recipient_access hash:/etc/postfix/access_host check_client_access cidr:/etc/postfix/perso_cidr.cidr check_recipient_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_client_access pcre:/etc/postfix/ptr-tld.pcre check_client_access cidr:/etc/postfix/sinokorea.cidr check_client_access cidr:/etc/postfix/taiwancidr.cidr check_client_access regexp:/etc/postfix/blacklist_clients check_client_access cidr:/etc/postfix/asian-ip.cidr reject_rbl_client relays.orbs.org check_client_access cidr:/etc/postfix/taiwanipblocksreject.cidr check_client_access cidr:/etc/postfix/IN_cidr.cidr check_client_access cidr:/etc/postfix/BR_cidr.cidr check_client_access cidr:/etc/postfix/CN_cidr.cidr check_client_access cidr:/etc/postfix/UA_cidr.cidr check_client_access cidr:/etc/postfix/TR_cidr.cidr check_client_access cidr:/etc/postfix/VE_cidr.cidr check_client_access cidr:/etc/postfix/VN_cidr.cidr permit smtpd_helo_restrictions = permit_mynetworks check_helo_access cidr:/etc/postfix/koreacidr.cidr check_helo_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc
probleme ipv6
postfix network hello, hello Wieste. I think I have successfully configure ipv6 on my server anyway dig answer seems good. ~]$ dig fakessh.eu @8.8.8.8 +short 2001:41d0:2:3dd6:1234:5678:9abc:def0 and yet sometimes I don not connect to my postfix ipv6 source I have read the manual and I don 't always happens not all I possess a slice ipv6 2001:41D0:DD62:3::/64 this my postconf -n r13151 ~]# postconf -n alias_database = hash:/etc/aliases , hash:/etc/postfix/aliases alias_maps = hash:/etc/aliases , hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks.cf broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dkimproxy:[127.0.0.1]:10029 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_privs = nobody double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix-2.7.2-documentation/html in_flow_delay = 10 inet_interfaces = all inet_protocols = all local_recipient_maps = unix:passwd.byname $alias_maps mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 2048 milter_protocol = 6 mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname , localhost.$mydomain, r13151.ovh.net mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 , [::1]/128 , [2001:41D0:2:3Dd6::]/64 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix parent_domain_matches_subdomains = queue_directory = /var/spool/postfix queue_run_delay = 200s readme_directory = /usr/share/doc/postfix-2.7.2-documentation/readme recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.5.4/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks reject_unknown_reverse_client_hostname reject_unauth_pipelining reject_non_fqdn_recipient check_client_access cidr:/etc/postfix/koreacidr.cidr check_client_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_sender_access hash:/etc/postfix/access_client check_sender_access hash:/etc/postfix/access_host check_recipient_access hash:/etc/postfix/access_client check_recipient_access hash:/etc/postfix/access_host check_client_access cidr:/etc/postfix/perso_cidr.cidr check_recipient_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_client_access pcre:/etc/postfix/ptr-tld.pcre check_client_access cidr:/etc/postfix/sinokorea.cidr check_client_access cidr:/etc/postfix/taiwancidr.cidr check_client_access regexp:/etc/postfix/blacklist_clients check_client_access cidr:/etc/postfix/asian-ip.cidr reject_rbl_client relays.orbs.org check_client_access cidr:/etc/postfix/taiwanipblocksreject.cidr check_client_access cidr:/etc/postfix/IN_cidr.cidr check_client_access cidr:/etc/postfix/BR_cidr.cidr check_client_access cidr:/etc/postfix/CN_cidr.cidr check_client_access cidr:/etc/postfix/UA_cidr.cidr check_client_access cidr:/etc/postfix/TR_cidr.cidr check_client_access cidr:/etc/postfix/VE_cidr.cidr check_client_access cidr:/etc/postfix/VN_cidr.cidr permit smtpd_helo_restrictions = permit_mynetworks check_helo_access cidr:/etc/postfix/koreacidr.cidr check_helo_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access pcre:/etc/postfix/ptr-tld.pcre check_helo_access cidr:/etc/postfix/sinokorea.cidr check_helo_access cidr:/etc/postfix/taiwancidr.cidr check_helo_access regexp:/etc/postfix/blacklist_clients check_helo_access cidr:/etc/postfix/asian-ip.cidr check_helo_access cidr:/etc/postfix/taiwanipblocksreject.cidr check_helo_access cidr:/etc/postfix/IN_cidr.cidr check_helo_access cidr:/etc/postfix/BR_cidr.cidr check_helo_access cidr:/etc/postfix/CN_cidr.cidr check_helo_access cidr:/etc/postfix/UA_cidr.cidr check_helo_access cidr:/etc/postfix/TR_cidr.cidr check_helo_access cidr:/etc/postfix/VE_cidr.cidr check_helo_access cidr:/etc/postfix/VN_cidr.cidr reject_unauth_pipelining reject_invalid_hostname permit smtpd_milters =
Re: Outbound relayhost distribution
the quantity of deferred is yahoo response : this as that that is this Le vendredi 25 février 2011 à 15:29 -0800, Robert Goodyear a écrit : On Feb 25, 2011, at 2:58 PM, Victor Duchovni wrote: On Fri, Feb 25, 2011 at 02:38:16PM -0800, Robert Goodyear wrote: Have you seen problem relays in your upstream relay mix? What real symptoms do they exhibit and what is the observed impact on the upstream Postfix SMTP client? I'm going to run some analytics on my last 12 months' worth of outbound messages to get more scientific with my gut instincts here. It's about 270 million messages, and my observation is that when we have a spike of 4 or 5 million that need to deliver at a certain point in time (surrounding a critical/time-sensitive product launch) that my deferred queues saturate too quickly. 20 million a month is a moderate mail flow if it is mail from ~50-100K users spread out over the day. I would then expect no more than ~1K messages in the deferred queue of each ~4 machines to be about the right quantity of deferred email. 4 million messages to deliver all at once is a very different problem. It is definitely a lumpy distribution -- probably 2 to 3 per month of ~4-5 million to North American subscribers, interspersed with smaller regional (outside North America) campaigns of 250-300K that sometimes coincide with one of the big campaigns. Of course I could start building stovepipes in my topology to isolate activity so one doesn't affect the other, but then conversely I might have cold MTAs sitting idle when I could be using them. I *do* have some regional points of presence where I have MTAs close to the subscribers for their markets, e.g.: UK, EU and SE Asia; maybe I should experiment with offloading deferred North America queues to them. I wonder if their inherent latency would act as a rate limiter of sorts that would play more nicely with recipient domains? Anyway I'm speculating... let me go crazy with SPSS and look for some absolute patterns in the last year here. -- gpg --keyserver pgp.mit.edu --recv-key 092164A7 http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 signature.asc Description: Ceci est une partie de message numériquement signée
Re: Kernel Oops
it is necessary to consider the option parent_domain_matches_subdomains = Le mardi 08 mars 2011 à 00:45 +0100, mouss a écrit : Le 07/03/2011 15:13, Stan Hoeppner a écrit : Noel Jones put forth on 3/7/2011 7:00 AM: On 3/7/2011 4:47 AM, Stan Hoeppner wrote: I was taught to always start my expressions with /^ and end them with $/. Why did Steven teach me to do this if it's not necessary? That's good advice when you're actually matching something. Ok, so if I'm doing what I've heard called a fully qualified regular expression, WRT FQrDNS matching, should I use the anchors or not? postmap -q says these all work (the actuals with action and text that is). /^(\d{1,3}-){3}\d{1,3}\.dynamic\.chello\.sk$/ .dynamic.chello.skREJECT blah blah /^(\d{1,3}\.){4}dsl\.dyn\.forthnet\.gr$/ .dyn.forthnet.gr REJECT blah blah /^(\d{1,3}-){4}adsl-dyn\.4u\.com\.gh$/ /dyn\.4u.com\.gh$/REJECT blah assuming you get real mail from there. otherwise .4u.com.ghREJECT blah /^[\d\w]{8}\.[\w]{2}-[\d]-[\d\w]{2}\.dynamic\.ziggo\.nl$/ ahem? I fail to see what yoy're trying to match here. \d is a \w, so [\d\w] is the same as \w. do you mean \W (capital letter)? anyway: .dynamic.ziggo.nl REJECT blah blah /^(\d{1,3}\.){4}dynamic\.snap\.net\.nz$/ .dynamic.snap.net.nz REJECT blah /^pppoe-dyn(-\d{1,3}){4}\.kosnet\.ru$/ /\Wdyn\W.*\.kosnet\.ru$/ REJECT blah The special case of .* means, as you know, anything or nothing. There's never a case where it's necessary to explicitly match a leading or trailing anything or nothing. What of the case where you want to match something in the middle of the input string, with extra junk on both ends? well, that's what regular expressions are about by default: /foo/ means contains foo /^foo/ means starts with foo /foo$/ means ends with foo so /^bart.*homer.*marge$/ means: starts with bart, ends with marge and somewhere between these contains homer. Consider: /^.*foo$/ match the string beginning with anything or nothing, ending with foo. can always be simplified to: /foo$/ match the string ending with foo. This works the same without the ending $ anchor (contains foo, rather than ends with foo), but helps the illustration. So, in my examples above, given we're matching rDNS patterns, are the anchors necessary, or helpful? If not using them means contains, then they should still match. What advantage is there to using the anchors when matching rDNS patterns? Any? (In the other special case where you're using $1, $2, etc. substitution in the result, you might need some form of /^(.*foo)$/ to fill the substitution buffer, but that's about substitution, not about matching.) Thank you for the continuing PCRE education Noel, and Ansgar. :) -- gpg --keyserver pgp.mit.edu --recv-key 092164A7 http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 signature.asc Description: Ceci est une partie de message numériquement signée
Re: Postfix 2.7.3, 2.6.9, 2.5.12 and 2.4.16 available
when is it the official rpm. Simon Mudd the new rpms are still not present Le lundi 07 mars 2011 à 15:18 -0500, Wietse Venema a écrit : [An on-line version of this announcement will be available at http://www.postfix.org/announcements/postfix-2.7.3.html] Postfix legacy releases 2.7.3, 2.6.9, 2.5.12 and 2.4.16 are available. These releases contain a fix for CVE-2011-0411 which allows plaintext command injection with SMTP sessions over TLS. This defect was introduced with Postfix version 2.2. The same flaw exists in other implementations of the STARTTLS command. Note: CVE-2011-0411 is an issue only for the minority of SMTP clients that actually verify server certificates. Without server certificate verification, clients are always vulnerable to man-in-the-middle attacks that allow attackers to inject plaintext commands or responses into SMTP sessions, and more. Postfix 2.8 and 2.9 are not affected. The following problems were fixed with the Postfix legacy releases: * Fix for CVE-2011-0411: discard buffered plaintext input, after reading the SMTP STARTTLS command or response. * Fix to the local delivery agent: look up the unextended address in the local aliases database, when that address has a malformed address extension. * Fix to virtual alias expansion: report a tempfail error, instead of silently ignoring recipients that exceed the virtual_alias_expansion_limit or the virtual_alias_recursion_limit. * Fix for Solaris: the Postfix event engine was deaf for SIGHUP and SIGALRM signals after the switch from select() to /dev/poll. Symptoms were delayed postfix reload response, and killed processes with watchdog timeout values under 100 seconds. * Fix for HP-UX: the Postfix event engine was deaf for SIGALRM signals. Symptoms were killed processes with watchdog timeout values under 100 seconds. * Fix for BSD-ish mkdir() to prevent maildir directories from inheriting their group ownership from the parent directory. * Fix to the SMTP client: missing support for mail to [ipv6:ipv6addr] address literal destinations. * FreeBSD back-ported closefrom() from FreeBSD 8x to 7x, breaking Postfix builds retroactively. Historical note: Wietse Venema discovered the problem two weeks before the Postfix 2.8 release, and silently fixed it pending further investigation. While investigating the problem's scope and impact, Victor Duchovni found that many other TLS applications were also affected. At that point, CERT/CC was asked to coordinate with the problem's resolution. You can find the updated Postfix source code at the mirrors listed at http://www.postfix.org/. -- gpg --keyserver pgp.mit.edu --recv-key 092164A7 http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 signature.asc Description: Ceci est une partie de message numériquement signée
how add X-AntiAbuse header
hello postfix guru hello wieste hello mouss I would like to add anti-abuse headers. I just spent a good little time to watch list archives and found no answers example of a header that I want to appear in my mail X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - medford.localsev.com X-AntiAbuse: Original Domain - hotmail.com X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12] X-AntiAbuse: Sender Address Domain - in-ex.s thanks -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 pgpecB72ZZhQm.pgp Description: PGP signature
Re: how add X-AntiAbuse header
Le lundi 18 avril 2011 03:27, Noel Jones a écrit : On 4/17/2011 6:28 PM, fakessh wrote: hello postfix guru hello wieste hello mouss I would like to add anti-abuse headers. I just spent a good little time to watch list archives and found no answers example of a header that I want to appear in my mail X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - medford.localsev.com X-AntiAbuse: Original Domain - hotmail.com X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12] X-AntiAbuse: Sender Address Domain - in-ex.s I think these are Exim headers, at any rate postfix doesn't add headers like that. All that information is already in the Received: header postfix adds. If you want to add additional informative headers, you can use an access table or policy service with the PREPEND action, or use a milter that adds extra headers. Note that PREPEND can add one single-line header with each call. http://www.postfix.org/access.5.html http://www.postfix.org/postconf.5.html#check_client_access http://www.postfix.org/postconf.5.html#check_sender_access http://www.postfix.org/postconf.5.html#check_recipient_access http://www.postfix.org/SMTPD_POLICY_README.html http://www.postfix.org/MILTER_README.html -- Noel Jones thank you for your explanations Noel Jones -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 pgpUTO5WhVzX3.pgp Description: PGP signature
Re: how add X-AntiAbuse header
Le lundi 18 avril 2011 14:16, Noel Jones a écrit : On 4/18/2011 6:46 AM, fakessh wrote: Le lundi 18 avril 2011 13:10, Morten P.D. Stevens a écrit : 2011/4/18 fakesshfake...@fakessh.eu: I would like to add anti-abuse headers. I just spent a good little time to watch list archives and found no answers example of a header that I want to appear in my mail X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - medford.localsev.com X-AntiAbuse: Original Domain - hotmail.com X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12] X-AntiAbuse: Sender Address Domain - in-ex.s Hi, With MIMEDefang you can do that. http://www.mimedefang.org/ For example: /etc/mail/mimedefang-filter action_add_header(X-AntiAbuse-Helo, $Helo); action_add_header(X-AntiAbuse-Relayhostname, $RelayHostname); action_add_header(X-AntiAbuse-Relayaddr, $RelayAddr); action_add_header(X-AntiAbuse-Sender, $Sender ); action_add_header(X-AntiAbuse-Score, $hits ($score) $names); and much more. Best regards, Morten thanks Morten and how to configure In My postfix. I think as a type sid-milter milter or other milter , enlighten me please. Give me a specific example of configuration with postfix Configuring postfix to use a milter is very easy. 1. configure your milter to listen on some local port. eg 127.0.0.1:2550 2. tell postfix to use that same port # main.cf smtpd_milters = inet:127.0.0.1:2550 That's all that is usually required. All other configuration is done in the milter. You can use a unix socket rather than a TCP port, but sometimes the permissions and paths get a little tricky, particularly if using chroot. http://www.postfix.org/MILTER_README.html -- Noel Jones thanks Noel Jones for your return it works correctly but I do not write to file mimedefang-filter instructions for writing the header X-anti-abuse -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 pgpEFzWFDcZmF.pgp Description: PGP signature
Re: how add X-AntiAbuse header
Le mardi 19 avril 2011 01:22, fakessh a écrit : Le lundi 18 avril 2011 14:16, Noel Jones a écrit : On 4/18/2011 6:46 AM, fakessh wrote: Le lundi 18 avril 2011 13:10, Morten P.D. Stevens a écrit : 2011/4/18 fakesshfake...@fakessh.eu: I would like to add anti-abuse headers. I just spent a good little time to watch list archives and found no answers example of a header that I want to appear in my mail X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - medford.localsev.com X-AntiAbuse: Original Domain - hotmail.com X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12] X-AntiAbuse: Sender Address Domain - in-ex.s Hi, With MIMEDefang you can do that. http://www.mimedefang.org/ For example: /etc/mail/mimedefang-filter action_add_header(X-AntiAbuse-Helo, $Helo); action_add_header(X-AntiAbuse-Relayhostname, $RelayHostname); action_add_header(X-AntiAbuse-Relayaddr, $RelayAddr); action_add_header(X-AntiAbuse-Sender, $Sender ); action_add_header(X-AntiAbuse-Score, $hits ($score) $names); and much more. Best regards, Morten thanks Morten and how to configure In My postfix. I think as a type sid-milter milter or other milter , enlighten me please. Give me a specific example of configuration with postfix Configuring postfix to use a milter is very easy. 1. configure your milter to listen on some local port. eg 127.0.0.1:2550 2. tell postfix to use that same port # main.cf smtpd_milters = inet:127.0.0.1:2550 That's all that is usually required. All other configuration is done in the milter. You can use a unix socket rather than a TCP port, but sometimes the permissions and paths get a little tricky, particularly if using chroot. http://www.postfix.org/MILTER_README.html -- Noel Jones thanks Noel Jones for your return it works correctly but I do not write to file mimedefang-filter instructions for writing the header X-anti-abuse thanks all it's work fine greet RTFM with perl header X-AntiAbuse inserted greet nb : i make a post on my blog for explain -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 pgphtszsvLE0D.pgp Description: PGP signature
only accept EHLO and I see that I refuse a lot of legitimate mail
hello postfix guru hello Wieste and other develloper I already post a question asking for more. how to allow both HELO and EHLO. I currently only accept EHLO and I see that I refuse a lot of legitimate mail my postconf -n r13151 ~]# postconf -n alias_database = hash:/etc/aliases , hash:/etc/postfix/aliases alias_maps = hash:/etc/aliases , hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks.cf broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dkimproxy:[127.0.0.1]:10029 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_privs = nobody default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason} double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix-2.7.3-documentation/html in_flow_delay = 10 inet_interfaces = all inet_protocols = all local_recipient_maps = unix:passwd.byname $alias_maps mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/dovecot-lda mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 2048 milter_command_timeout = 30s milter_connect_macros = j {daemon_name} v milter_connect_timeout = 30s milter_content_timeout = 300s milter_data_macros = i milter_end_of_data_macros = i milter_end_of_header_macros = i milter_helo_macros = {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer} milter_macro_daemon_name = $myhostname milter_macro_v = $mail_name $mail_version milter_mail_macros = i {auth_type} {auth_authen} {auth_author} {mail_addr} milter_protocol = 2 milter_rcpt_macros = i {rcpt_addr} milter_unknown_command_macros = mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname , localhost.$mydomain, r13151.ovh.net mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 , [::1]/128 , [2001:41D0:2:3Dd6::]/64 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix parent_domain_matches_subdomains = queue_directory = /var/spool/postfix queue_run_delay = 200s readme_directory = /usr/share/doc/postfix-2.7.3-documentation/readme recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.5.4/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks reject_unknown_reverse_client_hostname reject_unauth_pipelining reject_non_fqdn_recipient check_client_access cidr:/etc/postfix/koreacidr.cidr check_client_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_sender_access hash:/etc/postfix/access_client check_sender_access hash:/etc/postfix/access_host check_recipient_access hash:/etc/postfix/access_client check_recipient_access hash:/etc/postfix/access_host check_client_access cidr:/etc/postfix/perso_cidr.cidr check_recipient_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_client_access pcre:/etc/postfix/ptr-tld.pcre check_client_access cidr:/etc/postfix/sinokorea.cidr check_client_access cidr:/etc/postfix/taiwancidr.cidr check_client_access regexp:/etc/postfix/blacklist_clients check_client_access cidr:/etc/postfix/asian-ip.cidr reject_rbl_client relays.orbs.org check_client_access cidr:/etc/postfix/taiwanipblocksreject.cidr check_client_access cidr:/etc/postfix/IN_cidr.cidr check_client_access cidr:/etc/postfix/BR_cidr.cidr check_client_access cidr:/etc/postfix/CN_cidr.cidr check_client_access cidr:/etc/postfix/UA_cidr.cidr check_client_access cidr:/etc/postfix/TR_cidr.cidr check_client_access cidr:/etc/postfix/VE_cidr.cidr check_client_access cidr:/etc/postfix/VN_cidr.cidr permit smtpd_data_restrictions = reject_unauth_pipelining smtpd_helo_restrictions = permit_mynetworks check_helo_access cidr:/etc/postfix/koreacidr.cidr check_helo_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access pcre:/etc/postfix/ptr-tld.pcre check_helo_access cidr:/etc/postfix/sinokorea.cidr check_helo_access cidr:/etc/postfix/taiwancidr.cidr
Re: only accept EHLO and I see that I refuse a lot of legitimate mail
I just changed this option smtp_tls_note_starttls_offer = may that it's OK or not OK thanks Le dimanche 24 avril 2011 22:10, fakessh a écrit : hello postfix guru hello Wieste and other develloper I already post a question asking for more. how to allow both HELO and EHLO. I currently only accept EHLO and I see that I refuse a lot of legitimate mail my postconf -n r13151 ~]# postconf -n alias_database = hash:/etc/aliases , hash:/etc/postfix/aliases alias_maps = hash:/etc/aliases , hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks.cf broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dkimproxy:[127.0.0.1]:10029 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_privs = nobody default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason} double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix-2.7.3-documentation/html in_flow_delay = 10 inet_interfaces = all inet_protocols = all local_recipient_maps = unix:passwd.byname $alias_maps mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/dovecot-lda mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 2048 milter_command_timeout = 30s milter_connect_macros = j {daemon_name} v milter_connect_timeout = 30s milter_content_timeout = 300s milter_data_macros = i milter_end_of_data_macros = i milter_end_of_header_macros = i milter_helo_macros = {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer} milter_macro_daemon_name = $myhostname milter_macro_v = $mail_name $mail_version milter_mail_macros = i {auth_type} {auth_authen} {auth_author} {mail_addr} milter_protocol = 2 milter_rcpt_macros = i {rcpt_addr} milter_unknown_command_macros = mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname , localhost.$mydomain, r13151.ovh.net mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 , [::1]/128 , [2001:41D0:2:3Dd6::]/64 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix parent_domain_matches_subdomains = queue_directory = /var/spool/postfix queue_run_delay = 200s readme_directory = /usr/share/doc/postfix-2.7.3-documentation/readme recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.5.4/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks reject_unknown_reverse_client_hostname reject_unauth_pipelining reject_non_fqdn_recipient check_client_access cidr:/etc/postfix/koreacidr.cidr check_client_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_sender_access hash:/etc/postfix/access_client check_sender_access hash:/etc/postfix/access_host check_recipient_access hash:/etc/postfix/access_client check_recipient_access hash:/etc/postfix/access_host check_client_access cidr:/etc/postfix/perso_cidr.cidr check_recipient_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_client_access pcre:/etc/postfix/ptr-tld.pcre check_client_access cidr:/etc/postfix/sinokorea.cidr check_client_access cidr:/etc/postfix/taiwancidr.cidr check_client_access regexp:/etc/postfix/blacklist_clients check_client_access cidr:/etc/postfix/asian-ip.cidr reject_rbl_client relays.orbs.org check_client_access cidr:/etc/postfix/taiwanipblocksreject.cidr check_client_access cidr:/etc/postfix/IN_cidr.cidr check_client_access cidr:/etc/postfix/BR_cidr.cidr check_client_access cidr:/etc/postfix/CN_cidr.cidr check_client_access cidr:/etc/postfix/UA_cidr.cidr check_client_access cidr:/etc/postfix/TR_cidr.cidr check_client_access cidr:/etc/postfix/VE_cidr.cidr check_client_access cidr:/etc/postfix/VN_cidr.cidr permit smtpd_data_restrictions = reject_unauth_pipelining smtpd_helo_restrictions = permit_mynetworks check_helo_access cidr:/etc/postfix/koreacidr.cidr check_helo_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host
Re: only accept EHLO and I see that I refuse a lot of legitimate mail
Le dimanche 24 avril 2011 22:37, fakessh a écrit : I just changed this option smtp_tls_note_starttls_offer = may that it's OK or not OK thanks i just reread the doc and I think he must use smtpd_tls_security_level = may it's OK wieste ? thanks ... s /// Le dimanche 24 avril 2011 22:10, fakessh a écrit : hello postfix guru hello Wieste and other develloper I already post a question asking for more. how to allow both HELO and EHLO. I currently only accept EHLO and I see that I refuse a lot of legitimate mail my postconf -n r13151 ~]# postconf -n alias_database = hash:/etc/aliases , hash:/etc/postfix/aliases alias_maps = hash:/etc/aliases , hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks.cf broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dkimproxy:[127.0.0.1]:10029 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_privs = nobody default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason} double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix-2.7.3-documentation/html in_flow_delay = 10 inet_interfaces = all inet_protocols = all local_recipient_maps = unix:passwd.byname $alias_maps mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/dovecot-lda mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 2048 milter_command_timeout = 30s milter_connect_macros = j {daemon_name} v milter_connect_timeout = 30s milter_content_timeout = 300s milter_data_macros = i milter_end_of_data_macros = i milter_end_of_header_macros = i milter_helo_macros = {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer} milter_macro_daemon_name = $myhostname milter_macro_v = $mail_name $mail_version milter_mail_macros = i {auth_type} {auth_authen} {auth_author} {mail_addr} milter_protocol = 2 milter_rcpt_macros = i {rcpt_addr} milter_unknown_command_macros = mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname , localhost.$mydomain, r13151.ovh.net mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 , [::1]/128 , [2001:41D0:2:3Dd6::]/64 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix parent_domain_matches_subdomains = queue_directory = /var/spool/postfix queue_run_delay = 200s readme_directory = /usr/share/doc/postfix-2.7.3-documentation/readme recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.5.4/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks reject_unknown_reverse_client_hostname reject_unauth_pipelining reject_non_fqdn_recipient check_client_access cidr:/etc/postfix/koreacidr.cidr check_client_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_sender_access hash:/etc/postfix/access_client check_sender_access hash:/etc/postfix/access_host check_recipient_access hash:/etc/postfix/access_client check_recipient_access hash:/etc/postfix/access_host check_client_access cidr:/etc/postfix/perso_cidr.cidr check_recipient_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_client_access pcre:/etc/postfix/ptr-tld.pcre check_client_access cidr:/etc/postfix/sinokorea.cidr check_client_access cidr:/etc/postfix/taiwancidr.cidr check_client_access regexp:/etc/postfix/blacklist_clients check_client_access cidr:/etc/postfix/asian-ip.cidr reject_rbl_client relays.orbs.org check_client_access cidr:/etc/postfix/taiwanipblocksreject.cidr check_client_access cidr:/etc/postfix/IN_cidr.cidr check_client_access cidr:/etc/postfix/BR_cidr.cidr check_client_access cidr:/etc/postfix/CN_cidr.cidr check_client_access cidr:/etc/postfix/UA_cidr.cidr check_client_access cidr:/etc/postfix/TR_cidr.cidr check_client_access cidr:/etc/postfix/VE_cidr.cidr check_client_access cidr:/etc/postfix/VN_cidr.cidr permit smtpd_data_restrictions = reject_unauth_pipelining smtpd_helo_restrictions = permit_mynetworks check_helo_access cidr:/etc/postfix/koreacidr.cidr check_helo_access cidr:/etc/postfix/chinacidr.cidr check_helo_access
Re: only accept EHLO and I see that I refuse a lot of legitimate mail
i reread the doc i just changed this option smtpd_tls_security_level = may Le dimanche 24 avril 2011 22:53, Reindl Harald a écrit : what have smtp_tls_note_starttls_offer to do with EHLO/HELO and what have smtp_*-commands to do with receive? why you are using so complex EHLO-restrictions? the following should be enough! smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks reject_non_fqdn_helo_hostname reject_invalid_helo_hostname reject_unknown_helo_hostname Am 24.04.2011 22:37, schrieb fakessh: I just changed this option smtp_tls_note_starttls_offer = may that it's OK or not OK thanks Le dimanche 24 avril 2011 22:10, fakessh a écrit : hello postfix guru hello Wieste and other develloper I already post a question asking for more. how to allow both HELO and EHLO. I currently only accept EHLO and I see that I refuse a lot of legitimate mail my postconf -n r13151 ~]# postconf -n alias_database = hash:/etc/aliases , hash:/etc/postfix/aliases alias_maps = hash:/etc/aliases , hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks.cf broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dkimproxy:[127.0.0.1]:10029 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_privs = nobody default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason} double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix-2.7.3-documentation/html in_flow_delay = 10 inet_interfaces = all inet_protocols = all local_recipient_maps = unix:passwd.byname $alias_maps mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/dovecot-lda mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 2048 milter_command_timeout = 30s milter_connect_macros = j {daemon_name} v milter_connect_timeout = 30s milter_content_timeout = 300s milter_data_macros = i milter_end_of_data_macros = i milter_end_of_header_macros = i milter_helo_macros = {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer} milter_macro_daemon_name = $myhostname milter_macro_v = $mail_name $mail_version milter_mail_macros = i {auth_type} {auth_authen} {auth_author} {mail_addr} milter_protocol = 2 milter_rcpt_macros = i {rcpt_addr} milter_unknown_command_macros = mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname , localhost.$mydomain, r13151.ovh.net mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 , [::1]/128 , [2001:41D0:2:3Dd6::]/64 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix parent_domain_matches_subdomains = queue_directory = /var/spool/postfix queue_run_delay = 200s readme_directory = /usr/share/doc/postfix-2.7.3-documentation/readme recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.5.4/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks reject_unknown_reverse_client_hostname reject_unauth_pipelining reject_non_fqdn_recipient check_client_access cidr:/etc/postfix/koreacidr.cidr check_client_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_sender_access hash:/etc/postfix/access_client check_sender_access hash:/etc/postfix/access_host check_recipient_access hash:/etc/postfix/access_client check_recipient_access hash:/etc/postfix/access_host check_client_access cidr:/etc/postfix/perso_cidr.cidr check_recipient_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_client_access pcre:/etc/postfix/ptr-tld.pcre check_client_access cidr:/etc/postfix/sinokorea.cidr check_client_access cidr:/etc/postfix/taiwancidr.cidr check_client_access regexp:/etc/postfix/blacklist_clients check_client_access cidr:/etc/postfix/asian-ip.cidr reject_rbl_client relays.orbs.org check_client_access cidr:/etc/postfix/taiwanipblocksreject.cidr check_client_access cidr:/etc/postfix/IN_cidr.cidr check_client_access cidr:/etc/postfix/BR_cidr.cidr check_client_access cidr:/etc/postfix/CN_cidr.cidr check_client_access cidr:/etc/postfix/UA_cidr.cidr
Re: only accept EHLO and I see that I refuse a lot of legitimate mail
Le dimanche 24 avril 2011 22:53, Reindl Harald a écrit : smtpd_helo_required = yes I follow the advice given to me I just added this option smtpd_helo_required = yes -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 pgpOhsGX6B3QV.pgp Description: PGP signature
Re: Postfix 2.7.0 and yaa 0.3
Le mardi 26 avril 2011 11:28, Peter L. Hansen a écrit : Hi List, Iam having trouble trying to adding autoreply/autoresponder/outofoffice functionality to our setup. me i use sieve Can i configure postfix to send the proper headers? Thanks, Peter Hansen -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 pgp94Ff9DYJyg.pgp Description: PGP signature
mimedefang and sid-filter
hi wieste hi mouss hi all the guru of postfix since I said I have mimedefang headers X-SenderID are no longer present you have an explanation -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 pgp07QNePMLiK.pgp Description: PGP signature
Re: mimedefang and sid-filter
Le samedi 30 avril 2011 15:41, Patrick Ben Koetter a écrit : * fakessh fake...@fakessh.eu: hi wieste If you use vim, please put this line in your ~/.vimrc: ab wieste Wietse p@rick hello I had my way the programmer exception hello Wieste -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 pgpu6k0pflkWg.pgp Description: PGP signature
Re: mimedefang and sid-filter
Le samedi 30 avril 2011 16:02, Reindl Harald a écrit : Am 30.04.2011 15:57, schrieb fakessh: Le samedi 30 avril 2011 15:41, Patrick Ben Koetter a écrit : * fakessh fake...@fakessh.eu: jesus christ Wietse not wieste nor Wieste :-) hello Wietse Venema and my problem ? -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 pgpY47dazSwyO.pgp Description: PGP signature
Re: milter postfix for the geolocation addresses and headers X-Anti-Abuse
Le lundi 2 mai 2011 17:22, Wietse Venema a écrit : fakessh: hello list hello gurus hello ? Wietse Venema a) Free crystal balls. yes I possess crystal balls some nice numbers thank you b) Free telepathic services. yes I possess powers parapsychic I discuss with a large Indian matemathiciens I show you his page and I think we have succeeded in inventing a prototype language based on orthogonal curvilinear representations of image that allows us to accurately answer questions c) Concrete information about this problem. no problem the problem is solved by a plugin amavis i cote package Amavis::Custom; use strict; use re 'taint'; use warnings; use warnings FATAL = qw(utf8 void); no warnings qw(uninitialized redefine); BEGIN { import Amavis::Conf qw(:platform :confvars c cr ca); import Amavis::Util qw(do_log untaint min max); } sub new { my($class,$conn,$msginfo) = @_; my($self) = bless {}, $class; checks_geo($self,$conn,$msginfo); $self; } use Geo::IP; sub checks_geo { my($self,$conn,$msginfo) = @_; if (!exists $self-{geoip}) { # first time only in a child process my $geo_file = /usr/local/share/GeoIP/GeoLiteCity.dat; $self-{geoip} = Geo::IP-open($geo_file, GEOIP_STANDARD); if (!$self-{geoip}) { do_log(0, GeoIP: failed to open %s, $geo_file); } else { $self-{geoip}-set_charset(GEOIP_CHARSET_UTF8); } } if ($self-{geoip}) { my $last_received_ip = Amavis::UnmangleSender::parse_ip_address_from_received($msginfo); if (defined $last_received_ip $last_received_ip ne '') { my($country_name,$region_name,$city); my $record = $self-{geoip}-record_by_addr($last_received_ip); if (!$record) { do_log(2, GeoIP: no record for %s, $last_received_ip); } else { $country_name = $record-country_name; $region_name = $record-region_name; $city = $record-city; } do_log(2, GeoIP: %-15s %s %s, %s, %s, $last_received_ip, $msginfo-is_in_contents_category(CC_SPAM) ? 'SPAM' : ' ', map(defined $_ $_ ne '' ? $_ : -, $country_name, $region_name, $city)); my $hdr_edits = $msginfo-header_edits; $hdr_edits-add_header('X-Amavis-GeoIP', $country_name $city); } } } 1; thanks Wietse -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 pgpLgn32PMFk0.pgp Description: PGP signature
Re: Sender-ID validation via Blackberry failing
Le mardi 10 mai 2011 15:25, Sharma, Ashish a écrit : -Original Message- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of fake...@fakessh.eu Sent: Saturday, January 29, 2011 9:11 PM To: postfix-users@postfix.org Subject: Re: Sender-ID validation via Blackberry failing On Tuesday 25 January 2011 14:23, Sharma, Ashish wrote: Hi, I have a Postfix mail receiving server, on this I am using sid-milter (found at http://sourceforge.net/projects/sid-milter/ got from http://www.postfix.org/addon.html) tool to validate senderID and SPF. Here the problem is for mail servers that implement Sender-ID, mail servers that are implementing sender-ID and having their mails sent via Blackberry are having their sender-ID (sender-id=neutral) not getting verified on my postfix end. Following are the mail headers that I am receiving: SEnderID add special header in the mail exemple of SEnder ID header X-SenderID: Sendmail Sender-ID Filter v1.0.0 r13151.ovh.net 9306957E93 Can anybody tell me what needs to be done at my end to get sender-ID for mails sent via Blackberry to be verified and passed correctly. Thanks Ashish Sharma I am unable to follow the idea suggested as there is no such 'Sender ID' header, please elaborate. Thanks Ashish hi Asnish Sender ID is complicated request the presence of a field ptr for all uses. page manual that describes a tempfail spf dns bind only the response of the validation so it must declare a single field A to describe a simple usage to with that exemple field TXT sender id compliant v=spf1 a ptr ip4:94.23.*.* ?all microsoft allow ?all and -all and recommend the use to fiel MX sincerely -- http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 pgphiZ4RYt5Lj.pgp Description: PGP signature
Re: Sender-ID validation via Blackberry failing
On Tue, 10 May 2011 17:38:29 +0200, fakessh wrote: Le mardi 10 mai 2011 15:25, Sharma, Ashish a écrit : -Original Message- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of fake...@fakessh.eu Sent: Saturday, January 29, 2011 9:11 PM To: postfix-users@postfix.org Subject: Re: Sender-ID validation via Blackberry failing On Tuesday 25 January 2011 14:23, Sharma, Ashish wrote: Hi, I have a Postfix mail receiving server, on this I am using sid-milter (found at http://sourceforge.net/projects/sid-milter/ got from http://www.postfix.org/addon.html) tool to validate senderID and SPF. Here the problem is for mail servers that implement Sender-ID, mail servers that are implementing sender-ID and having their mails sent via Blackberry are having their sender-ID (sender-id=neutral) not getting verified on my postfix end. Following are the mail headers that I am receiving: SEnderID add special header in the mail exemple of SEnder ID header X-SenderID: Sendmail Sender-ID Filter v1.0.0 r13151.ovh.net 9306957E93 Can anybody tell me what needs to be done at my end to get sender-ID for mails sent via Blackberry to be verified and passed correctly. Thanks Ashish Sharma I am unable to follow the idea suggested as there is no such 'Sender ID' header, please elaborate. Thanks Ashish hi Asnish Sender ID is complicated request the presence of a field ptr for all uses. page manual that describes a tempfail spf dns bind only the response of the validation so it must declare a single field A to describe a simple usage to with that exemple field TXT sender id compliant v=spf1 a ptr ip4:94.23.*.* ?all microsoft allow ?all and -all and recommend the use to fiel MX sincerely and it is mandatory to rewrite areas bind sincerely your