query = select if ('%d' = 'example-2.com',
IFNULL((select dest from
aliases where addr = '%u...@example.com'), (select addr from users
where addr = '%u...@example.com')), NULL)
I've found that in conjunction with a 2nd query (the original
normal one), everything seems to work as
I've found that in conjunction with a 2nd query (the
original
normal one), everything seems to work as expected (including
aliases with only local parts like postmaster)
But I'm still unsure if this kind of query is correct, if
I'm
on the right track. Can anyone tell me if
2) it's not intuitive to me that the query I have given to postifx
is conditionally executed.
And THAT is precisely what the documentation says.
And THAT is merely what I was asking to have confirmation of (not sure why that
is so difficult)... because it's not intuitive, and also
I don't think mine is so confusing as you suggest if you take a second
to understand it. Maybe if you read it with some whitespace:
select
if ('%d' = 'example-2.com',
IFNULL(
(select dest from aliases where addr =
'%u...@example.com'),
Postfix expects an empty set (i.e. no rows returned) if it is to respond
negatively that a virtual alias does not exist.
Returning NULL does not equal no rows returned.
email builder:
Are you sure??
100% confirmed. To return NOTFOUND, you MUST return NO RESULT.
So with NULL
Postfix expects an empty set (i.e. no rows returned) if it is to
respond
negatively that a virtual alias does not exist.
Returning NULL does not equal no rows returned.
Are you sure??
100% confirmed. To return NOTFOUND, you MUST return NO RESULT.
The common code that
2) it's not intuitive to me that the query I have given to
postifx
is conditionally executed.
And THAT is precisely what the documentation says.
And THAT is merely what I was asking to have confirmation of
(not sure why that is so difficult)...
It is difficult only
- Original Message -
From: Wietse Venema wie...@porcupine.org
To: Postfix users postfix-users@postfix.org
Cc:
Sent: Tuesday, August 7, 2012 8:26 AM
Subject: Re: mysql query suppressed?
email builder:
I read in http://www.postfix.org/mysql_table.5.html for the %d
Probably the best lesson to learn from postfixadmin is: you can have
more than one lookup table in postfix per main.cf directive.
Postfixadmin uses 2 separate queries for regular aliases and
domain
aliases.
from main.cf:
virtual_alias_maps =
email builder:
it says if you use %d in your query and the lookup key is not in
the form of u...@domain.tld (ie local part only), then the query
is suppressed.?
What is not clear about that?
1) the word suppressed is only slightly unclear. I just want to make sure I
understand
This feature is not going to change. Over and out.
I merely asked (politely I think) for confirmation that I understood the
documentation correctly.
Why do you have to use such unfriendly language in your responses?
I was trying to find a SQL example how to alias email that is addressed
to everyone at a secondary domain to my primary domain. I mean:
I have many virtual users set up for example.com, I added a new domain,
example-2.com and I want any email going to example-2.com to be delivered to
I was trying to find a SQL example how to alias email that is addressed
to everyone at a secondary domain to my primary domain. I mean:
I have many virtual users set up for example.com, I added a new domain,
example-2.com and I want any email going to example-2.com to be delivered to
So I came up with this:
query = select if ('%d' = 'example-2.com', IFNULL((select dest
from aliases where addr = '%u...@example.com'), (select addr from users
where addr = '%u...@example.com')), (select dest from aliases where addr =
'%s'))
This seems to work in all cases except
So I came up with this:
query = select if ('%d' = 'example-2.com', IFNULL((select
dest
from aliases where addr = '%u...@example.com'), (select addr from
users
where addr = '%u...@example.com')), (select dest from aliases where
addr =
'%s'))
This seems to work in all cases
This causes a bounce instead of reject. Do I have to add a clause for
this to my query? I start to feel like I'm doing things Postfix
should
be doing. There must be a more simple way to do this?
postfixadmin have domain-alias support fits 100% to subject, makes sense
if dns data is
I read in http://www.postfix.org/mysql_table.5.html for the %d substitution in
the query if the lookup is not a full email address with domain, the entire
query is not even executed? Is this right?
If that's the case, you can't do complex queries like:
select IF('%d' = 'example.com', .
Am 06.08.2012 22:54, schrieb email builder:
I read in http://www.postfix.org/mysql_table.5.html for the %d substitution
in the query if the lookup is not a full email address with domain, the
entire
query is not even executed? Is this right?
If that's the case, you can't do complex
I seek clarification about reject_unlisted_recipient and
smtpd_reject_unlisted_recipient
If smtpd_reject_unlisted_recipient is enabled, WHEN does this check take place
in the scheme of smtpd_*_restrictions? I'm not sure, but it looks like it
might happen only if and after a PERMIT in the
Thanks for the help everyone. Does anyone have experience
or comments about this:
The only other solution I can see is to use something
like Nginx to just proxy the SMTP conversation through
the relay to the internal MTA. I haven't tried this before,
but if Nginx can perform fast enough
Specific questions I had were if I can use the standard
DNS load balancing (multiple MX records, same priority,
possibly multiple IPs resolving to one A record) setup
*behind* a relay server (those MTAs behind the relay
only being available via the relay and never directly).
Well, it looks
Specific questions I had were if I can use the standard DNS load
balancing (multiple MX records, same priority, possibly multiple
IPs
resolving to one A record) setup *behind* a relay server (those MTAs
behind the relay only being available via the relay and never
directly).
Ansgar, thank you for your patience:
Well, it looks like I could do
relay_domains = example.com
transport table: example.com relay:other.com
I have to use other.com in the transport because I need
to use
DNS-based load balancing of multiple SMTP servers on
the backend,
* mail for example.com arrives at the relay because
it is the highest priority MX record for example.com
Yes, but don't use the word relay here, it is too easily
confused
with the transport name, calle it the border MTA or the SMTP gateway,
OK thanks for the language tips
* the
Hi everyone,
I haven't played with relay servers much. I really thought
there was a RELAY_README but I find no README
files with RELAY in them at all. Hmmm. Where can
I get the basics?
Specific questions I had were if I can use the standard
DNS load balancing (multiple MX records, same
We use a modified version as a HELO blacklist. This avoids the false
positives we saw while testing it as a reverse DNS restriction but,
because the use of the reverse hostname as the HELO string is a
common pattern in spam attempts from compromised hosts, it's still
very effective.
I'm searching for a friend (who has very few money) an open source
antivirus scanner for email server that works with Postfix.
Any infos/links/advices welcome
One link, Google, would have easily found clamav.
Info/advice: with postscreen(8), sane HELO restrictions, and good
http://www.hardwarefreak.com/fqrdns.pcre -- Stan's big list
I've been curious about Stan's list of pcres. It looks massive,
and Stan
seems to be a regular expert contributer here. But I'm reluctant to
start using a text file from a web site with nothing on it and only a
bit of
As know one seems to have any other ideas, looks like it has to be
some rsynch variant using whatever cheap remote storage I can find.
Seems kind of OT for this list, but since nobody else seems to
object...
Two questions: Does it need to be remote, and why just the mail
spool? Why
I'm currently backing up my machine at home to a WD My Passport USB
drive, doing a monthly full and nightly differential, using a script
that employs rsync. Each backup set looks like a full backup. Works
like a champ. I'm going to use the same script on the new mailserver
I'm
Does anyone have any low-end/low-budget backup
suggestions for user mail
spools? Consider hobby type scenarios or small businesses
with a cheap single
hard drive rented (dedicated/shared) server where there may
not be budget for
another server or paid backup service.
My
No other people have systems for doing this?
we are using http://dbmail.org/ behind postfix and a replication-slave
if you have only one server you can setup a slave on a different port
as 3306 on 127.0.0.1
benefit of the slave is that you can stop it at any time, make a
copy of the
Hello,
Does anyone have any low-end/low-budget backup suggestions for user mail
spools? Consider hobby type scenarios or small businesses with a cheap single
hard drive rented (dedicated/shared) server where there may not be budget for
another server or paid backup service.
My thought was if
Does anyone have any low-end/low-budget backup suggestions for user mail
spools? Consider hobby type scenarios or small businesses with a cheap
single
hard drive rented (dedicated/shared) server where there may not be budget
for
another server or paid backup service.
My thought
Hello,
Embarrassing question time... was investigating use of port 587/submission in
addition to our usual 465/smtps, but I found that our server is already
listening on port 587. ALL of the submission lines in master.cf are
commented out.
Surely I just goofed something up, but I'm not
Embarrassing question time... was investigating use of port 587/submission
in
addition to our usual 465/smtps, but I found that our server is already
listening on port 587. ALL of the submission lines in master.cf are
commented out.
Surely I just goofed something up, but I'm not
I'm wondering about the usefulness of smtp(d)_tls_CAfile(path) when using
opportunistic encryption in both incoming and outgoing connections. The
TLS_README suggests that certificate and key files be left empty for
opportunistic smtp processes, but it doesn't talk specifically
On 4/12/2011 2:17 AM, email builder wrote:
Am I correct to infer that both smtp(d)_tls_CAfile settings only serve
a purpose when you want to verify client/server certificates?
If that's the case, why does the example at the bottom of TLS_README
use both the CAfile settings
Hello,
I'm wondering about the usefulness of smtp(d)_tls_CAfile(path) when using
opportunistic encryption in both incoming and outgoing connections. The
TLS_README suggests that certificate and key files be left empty for
opportunistic smtp processes, but it doesn't talk specifically about
Hello,
In http://www.postfix.org/postconf.5.html#smtp_sasl_auth_cache_name the fourth
sentence is:
As long as the smtp_sasl_password_maps information does no change...
That should be:
As long as the smtp_sasl_password_maps information does not change,
(s/no/not)
Hello,
I'm concerned about having ETRN wide open. I am not very familiar with ETRN
and
have no use for it in our environment. It seems harmless, but if most of one's
recipient/sender/client/helo/etc. restrictions are in places they won't be seen
by someone trying to fiddle maliciously with
I'm concerned about having ETRN wide open. I am not very familiar with
ETRN
and
have no use for it in our environment. It seems harmless, but if most of
one's
recipient/sender/client/helo/etc. restrictions are in places they won't be
seen
by someone trying to fiddle
- Original Message
From: Noel Jones njo...@megan.vbhcs.org
To: postfix-users@postfix.org
Sent: Fri, April 8, 2011 9:44:12 PM
Subject: Re: Restricting ETRN?
On 4/8/2011 11:29 PM, email builder wrote:
Or is this of no concern and/or does the junk command limit take care
I'm thinking about trying the example suggested in the documentation for
sleep:
/etc/postfix/main.cf:
smtpd_client_restrictions =
sleep 1, reject_unauth_pipelining
smtpd_delay_reject = no
In general, I try to order smtpd_*_restrictions with the least costly
On Mon, Apr 04, 2011 at 06:33:20PM -0700, email builder wrote:
I am testing a simple header_check that uses PREPEND to add a
custom header to messages.
Uh, no, I think it is not simple at all. Is this the same issue
you're working on? You have spent much time, and gotten much help
On 4/4/2011 9:54 PM, email builder wrote:
OK, sorry again. I had assumed because you can turn off header checking by
using receive_override_options, you could also override (change) them.
It is possible to override header_checks by defining a different
cleanup_service_name
OK, sorry again. I had assumed because you can turn off header checking
by
using receive_override_options, you could also override (change) them.
It is possible to override header_checks by defining a
different cleanup_service_name for smtpd, then defining that
cleanup
master.cf smtpd process entry:
-o
smtpd_data_restrictions=check_sender_access,pcre:/etc/postfix/add_my_header
/etc/postfix/add_my_header:
/^/ PREPEND X-My-Header: Hello_world
Easier than I thought. Now, PLEASE don't take this the wrong way, but I'm
What I ran into while solving the add-a-header issue (see my last
post on this thread) was that I can use a FILTER action from a
smtpd_*_restriction check to select a specialized smtp process
that is bound to a given IP address.
I found, however, that the FILTER action's
Here is what I've done with the typo corrected. Is this a Bad
Idea? Are there problems with naively using the domain from the
recipient email address as the
nexthop value?
master.cf:
smtp2 unix - - n- - smtp
-o
Here is what I've done with the typo corrected. Is this a Bad
Idea? Are there problems with naively using the domain from the
recipient email address as the
nexthop value?
master.cf:
smtp2 unix - - n - - smtp
Here is what I've done with the typo corrected. Is this a Bad
Idea? Are there problems with naively using the domain from the
recipient email address as the
nexthop value?
master.cf:
smtp2 unix - - n - - smtp
-o
The configuration makes absolutely no sense at all.
Hmm, I'm not sure why you see *no* sense in it.
If you can configure Postfix to send some email to port 10024 (which
uses a wild-card access map rule to send out all email via transport
smtp2)
Then you can configure Postfix
Here is what I've done with the typo corrected. Is this a Bad
Idea? Are there problems with naively using the domain from the
recipient email address as the
nexthop value?
master.cf:
smtp2 unix - - n - - smtp
- Original Message
From: Ralf Hildebrandt ralf.hildebra...@charite.de
To: postfix-users@postfix.org
Sent: Mon, April 4, 2011 2:12:02 PM
Subject: Re: Multiple transport maps in master.cf?
* email builder emailbuilde...@yahoo.com:
Hello,
I've found that in main.cf
OK, thank you very much for the pointer to smtp_bind_address. That's what
I
need, but I'm stumbling at the transport map. I already have outgoing
mail
segregated how I want it when it exits my content filtering (ready to be
sent
out). So ideally, the content filter
On Sun, Apr 03, 2011 at 10:39:58PM -0700, email builder wrote:
I'm wondering if it's possible to configure a smtpd process in
master.cf to send messages to the outside on a secondary network
interface.
Of course not; smtpd(8) is the SMTP daemon, the server. It receives
mail
Hello,
I've found that in main.cf, this works fine:
transport_maps = hash:/etc/postfix/transport1 hash:/etc/postfix/transport2
But not in master.cf (under a smtpd process definition):
-o transport_maps=hash:/etc/postfix/transport1 hash:/etc/postfix/transport2
Postfix complains:
fatal:
I've found that in main.cf, this works fine:
transport_maps = hash:/etc/postfix/transport1 hash:/etc/postfix/transport2
But not in master.cf (under a smtpd process definition):
-o transport_maps=hash:/etc/postfix/transport1 hash:/etc/postfix/transport2
Postfix complains:
I've found that in main.cf, this works fine:
transport_maps = hash:/etc/postfix/transport1 hash:/etc/postfix/transport2
But not in master.cf (under a smtpd process definition):
-o transport_maps=hash:/etc/postfix/transport1
hash:/etc/postfix/transport2
smtpd doesn't
- Original Message
From: email builder emailbuilde...@yahoo.com
To: postfix-users@postfix.org
Sent: Mon, April 4, 2011 2:18:01 PM
Subject: Re: Multiple transport maps in master.cf?
I've found that in main.cf, this works fine:
transport_maps = hash:/etc/postfix
OK, thank you very much for the pointer to smtp_bind_address. That's what
I
need, but I'm stumbling at the transport map. I already have outgoing
mail
segregated how I want it when it exits my content filtering (ready to be
sent
out). So ideally, the content filter
- Original Message
From: Wietse Venema wie...@porcupine.org
To: Postfix users postfix-users@postfix.org
Sent: Mon, April 4, 2011 2:34:00 PM
Subject: Re: Multiple transport maps in master.cf?
email builder:
I've found that in main.cf, this works fine
Can I override default_transport?
As documented:
http://www.postfix.org/postconf.5.html#default_transport
Right, but from what I can tell (testing it), it's like transport_maps,
in that I can't change it willy-nilly in my smtpd process with a
-o line, right?
Hello,
I am testing a simple header_check that uses PREPEND to add a custom header to
messages.
1) I *always* want to add the header, so the detected header in the rule
doesn't
matter so much. Does anyone have advice for the best header to detect so I
won't miss any messages? Is /^From:/
I am testing a simple header_check that uses PREPEND to add a custom
header
to
messages.
1) I *always* want to add the header, so the detected header in the rule
doesn't
matter so much. Does anyone have advice for the best header to detect so
I
won't miss any
Hello,
I'm wondering if it's possible to configure a smtpd process in master.cf to
send
messages to the outside on a secondary network interface. It seems to be
possible to make a smtpd process listen on a given interface (IP address) by
specifying the IP address on the front of the
Hello,
I might need to learn how to write a milter that tries to divert outgoing
messages (so a smtp/client milter) that have been sent with
smtp_tls_security_level = encrypt but failed because the destination server
doesn't support STARTTLS (I understand that this is something of a false
1) does the milter API and its placement in the server's execution provide
a
place where I can determine that STARTTLS has failed?
No. Milter processing happens as mail enters the queue, delivery and STARTTLS
success or failure happen when mail is leaving the queue.
(and
I am wondering if anyone has advice on where there are any email health
checks online. I used to use dnsstuff.com but they have since gone
commercial.
You have been given links and other suggestions for this that are sound, I
would
follow those suggestions.
It's frustrating
Hi,
I am wondering if anyone has advice on where there are any email health
checks online. I used to use dnsstuff.com but they have since gone commercial.
It's frustrating to have your users' emails land in Yahoo or Gmail spam
folders, but not be able to understand why. DNS checks out
However, I just realized that I actually might not need to change
the domain. The -o overrides I need may only be the smtpd_tls_*
settings. I was just concerned about name mismatches with the
certificate, but whatever postfix thinks is the domain shouldn't
affect the client's
email builder a écrit :
[snip]
I do not support configurations with multiple myhostname/mydomain
settings (or multiple settings for any domain-like parameter that
determines how Postfix handles email).
That's certainly fair. I can accept that I am stepping outside the use
I do not support configurations with multiple myhostname/mydomain
settings (or multiple settings for any domain-like parameter that
determines how Postfix handles email).
email builder:
That's certainly fair. I can accept that I am stepping outside
the use model
Wietse:
I do not support configurations with multiple myhostname/mydomain
settings (or multiple settings for any domain-like parameter that
determines how Postfix handles email).
email builder:
That's certainly fair. I can accept that I am stepping outside
the use model
Hello,
I have two IP addresses on my server and would like to serve a different SSL
(TLS) certificate for each one. I think all the other configuration will not
need to differ between the two, so I think running multiple instances of
postfix would be overkill (?).
I want to confirm that it
I have two IP addresses on my server and would like to serve a different
SSL
(TLS) certificate for each one. I think all the other configuration will not
need to differ between the two, so I think running multiple instances of
postfix
would be overkill (?).
I want to confirm
I have two IP addresses on my server and would like to serve a
different
SSL
(TLS) certificate for each one. I think all the other configuration will
not
need to differ between the two, so I think running multiple instances of
postfix
would be overkill (?).
78 matches
Mail list logo
