Re: Postfix + Courier IMAP local email problems
In freebsd-questions Digest, Vol 410, Issue 12, Message: 2 On Sat, 14 Apr 2012 10:51:36 -0500 (CDT) Robert Bonomi bon...@mail.r-bonomi.com wrote: | Ron rg.li...@rzweb.com wrote: OK, I found the problem. It was the hostname not being set correctly. What threw me was that it was correct in the rc.conf file, but I did not know you needed to reboot the machine to have it take effect. It just never occurred to me to run 'hostname' and see since I was seeing it correctly in the rc.conf. FYI, while it's true tht rc.conf is processed only t boot time, you don't _have_ to reboot when you make a change. What you _do_ need to do is run the same commands the the rc processing does. Unfortunately, with the 'rc.d'-style process, where rc.conf just sets environment variables, and everything else happens 'by magic', it can be a major effort to figure out -what- commands need to be run when you change something, and 'reboot' *is* the simplest way to get the job done. One reason _I_ much prefer the old BSD-style '/etc/rc.boot' and '/etc/rc.local' approch. It was =far= simpler to see exactly what was going on, in what order, and with what params. Tracking stuff through the rc.d/* swamp is a 'project' -- there is a whole nuther 'command language' to master. :(( It's really not all that complicated to change hostname(1) t23# grep hostname /etc/rc.conf hostname=t23.smithi.id.au t23# hostname t23.smithi.id.au t23# hostname boofar t23# hostname boofar t23# csh boofar# exit exit t23# hostname boofar t23# hostname t23.smithi.id.au t23# hostname t23.smithi.id.au cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix + Courier IMAP local email problems
Date: Fri, 13 Apr 2012 18:48:19 -0700 From: Ron rg.li...@rzweb.com To: Robert Bonomi bon...@mail.r-bonomi.com Subject: Re: Postfix + Courier IMAP local email problems On 12.04.2012 13:54, Robert Bonomi wrote: Is there some simple I'm just messing up? Yes. grin The difficulty comes in identifying _which_ simple thing it is that is messed up. OK, I found the problem. It was the hostname not being set correctly. What threw me was that it was correct in the rc.conf file, but I did not know you needed to reboot the machine to have it take effect. It just never occurred to me to run 'hostname' and see since I was seeing it correctly in the rc.conf. FYI, while it's true tht rc.conf is processed only t boot time, you don't _have_ to reboot when you make a change. What you _do_ need to do is run the same commands the the rc processing does. Unfortunately, with the 'rc.d'-style process, where rc.conf just sets environment variables, and everything else happens 'by magic', it can be a major effort to figure out -what- commands need to be run when you change something, and 'reboot' *is* the simplest way to get the job done. One reason _I_ much prefer the old BSD-style '/etc/rc.boot' and '/etc/rc.local' approch. It was =far= simpler to see exactly what was going on, in what order, and with what params. Tracking stuff through the rc.d/* swamp is a 'project' -- there is a whole nuther 'command language' to master. :(( ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix + Courier IMAP local email problems
On Thu, 12 Apr 2012 20:28:40 -0700
Ron articulated:
{snip}
Why are you wasting time posting this question on the FreeBSD list
when it properly belongs on the Postfix forum.
You can start here to subscribe to the list:
http://www.postfix.com/lists.html
Then be sure to read all of the documentation for how to report a
problem on this URL:
http://www.postfix.com/DEBUG_README.html
In particular, this section:
http://www.postfix.com/DEBUG_README.html#mail
If you had done this to begin with your problem would have been solved
by now.
--
Jerry ♔
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix + Courier IMAP local email problems
On 12.04.2012 13:54, Robert Bonomi wrote: From owner-freebsd-questi...@freebsd.org Thu Apr 12 15:09:43 2012 Date: Thu, 12 Apr 2012 13:01:10 -0700 From: Ron rg.li...@rzweb.com To: freebsd-questions@freebsd.org Subject: Postfix + Courier IMAP local email problems I'm having a couple of issues with postfix and courier-imap on my new machine and I'm trying to figure out what is different from my old machine. I've checked every config file I think of and they both seem to be set up the same. Here are the two issues: If I send email from a local user (while SSH'd in using the command line mail) to another local user (mail t...@mysite.com) on the same machine, but using the full email address, I get the following error and the email bounced back: 553 5.3.5 mail.mysite.com. config error: mail loops back to me (MX problem?) 554 5.3.5 Local configuration error this is a 'well known' problem. The only thing I can think of is that mysite.com and mail.mysite.com (the mx record) do not point to the same server (which they did on my old machine). it's not that sample. grin I have also tried everything I can think of in how users are listed in postfix's virtual file and in /etc/aliases and server entries in main.cf. The problem is that the 'local' machine DOES NOT KNOW that it is supposed to accept mail for the domain specified in the email addressz. The server looks at the address, determines that it is *NOT* local, by whatever means 'postfix' uses to make that determination (it's the 'w' class in Sendmail), and goes off to query DNS for the MX for the 'remote' machine to send mail to. DNS returns this (the one asking for the 'remote' machine name) machine as the destination to deliver to. the local server =knows= that is incorrect, because it is not the delivery point for that domain. hence the error message, and 'return to sender' as undeliverable. This _is_ a configuration error in (probably) the local mailserver, or in the way the local hostname/domainname are set up.. The second issue is if (again, SSH'd in an using mail) I send email to a local user without the @mysite.com (mail todd) then the email isn't available via IMAP externally. I can read it using the command line mail, but not externally via IMAP. These two mailboxs are completely separate and have two different lists of waiting email. This is an 'inconsistency' in the way 'locally' generated mail is being handled, and the way externally generated mail is being handled. *PROBABLY* because -one- mail server program is being started at boot time, and a _different_ program is being invoked when somebody sends locally from the command-line. Chasing this down can be a b*tch. Everything and it's cousins has the executable name 'sendmail' hard-coded into it for sending outgoing mail. Sometimes the original 'sendmail' is replaced by a different executable 'of the same name', that is really 'postfix', 'exim', 'qmail', or the dreaded 'something else'. Sometimes 'sendmail' is a switching program that determings -- by some arbitrary means (typically a configurtion file, stored 'somewhere')-- _which_ of many alternatives to call. Now _if_ the mailer started at boot time is *explicitly* named as something _other_ than sendmail, and is -not- what you get when you invoke the name 'sendmail', you have obvious potential for dissimilar behavior. this is _probably_ what is going on in your case. Local command-line mail is being delivered to an 'mbox' type mailbox, while 'remote' mail is being delivered to 'something different' -- I think recent versios of IMAP use a database-type struture rather than a simple 'mbox'. Everything works fine if I send email from a remote client (Thunderbird, Mail.app) and read the email with a remote client via IMAP. It's just the local email sending that seems to be broken. I'd like to get one of these two problems fixed so root can email me daily log files, which it can't do right now or I can't read via IMAP because they are't going to the right mailbox. Is there some simple I'm just messing up? Yes. grin The difficulty comes in identifying _which_ simple thing it is that is messed up. OK, I found the problem. It was the hostname not being set correctly. What threw me was that it was correct in the rc.conf file, but I did not know you needed to reboot the machine to have it take effect. It just never occurred to me to run 'hostname' and see since I was seeing it correctly in the rc.conf. Thanks for the help. Ron ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix + Courier IMAP local email problems
On Apr 12, 2012, at 1:01 PM, Ron wrote: If I send email from a local user (while SSH'd in using the command line mail) to another local user (mail t...@mysite.com) on the same machine, but using the full email address, I get the following error and the email bounced back: 553 5.3.5 mail.mysite.com. config error: mail loops back to me (MX problem?) 554 5.3.5 Local configuration error The only thing I can think of is that mysite.com and mail.mysite.com (the mx record) do not point to the same server (which they did on my old machine). I have also tried everything I can think of in how users are listed in postfix's virtual file and in /etc/aliases and server entries in main.cf. You need to tell Postfix that mysite.com and mail.mysite.com are local. See the mydestination keyword in main.cf. The second issue is if (again, SSH'd in an using mail) I send email to a local user without the @mysite.com (mail todd) then the email isn't available via IMAP externally. I can read it using the command line mail, but not externally via IMAP. These two mailboxs are completely separate and have two different lists of waiting email. This implies you might be using a command line mail which does direct delivery to a Unix-style mailbox, but Postfix is using courier via mailbox_transport setting. Postfix ought to come with a sendmail-ish wrapper which does delivery via Courier instead, probably under /usr/local/libexec/postfix/sendmail and linked to /usr/local/sbin/sendmail or similar via mailwrapper(8). Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix + Courier IMAP local email problems
From owner-freebsd-questi...@freebsd.org Thu Apr 12 15:09:43 2012 Date: Thu, 12 Apr 2012 13:01:10 -0700 From: Ron rg.li...@rzweb.com To: freebsd-questions@freebsd.org Subject: Postfix + Courier IMAP local email problems I'm having a couple of issues with postfix and courier-imap on my new machine and I'm trying to figure out what is different from my old machine. I've checked every config file I think of and they both seem to be set up the same. Here are the two issues: If I send email from a local user (while SSH'd in using the command line mail) to another local user (mail t...@mysite.com) on the same machine, but using the full email address, I get the following error and the email bounced back: 553 5.3.5 mail.mysite.com. config error: mail loops back to me (MX problem?) 554 5.3.5 Local configuration error this is a 'well known' problem. The only thing I can think of is that mysite.com and mail.mysite.com (the mx record) do not point to the same server (which they did on my old machine). it's not that sample. grin I have also tried everything I can think of in how users are listed in postfix's virtual file and in /etc/aliases and server entries in main.cf. The problem is that the 'local' machine DOES NOT KNOW that it is supposed to accept mail for the domain specified in the email addressz. The server looks at the address, determines that it is *NOT* local, by whatever means 'postfix' uses to make that determination (it's the 'w' class in Sendmail), and goes off to query DNS for the MX for the 'remote' machine to send mail to. DNS returns this (the one asking for the 'remote' machine name) machine as the destination to deliver to. the local server =knows= that is incorrect, because it is not the delivery point for that domain. hence the error message, and 'return to sender' as undeliverable. This _is_ a configuration error in (probably) the local mailserver, or in the way the local hostname/domainname are set up.. The second issue is if (again, SSH'd in an using mail) I send email to a local user without the @mysite.com (mail todd) then the email isn't available via IMAP externally. I can read it using the command line mail, but not externally via IMAP. These two mailboxs are completely separate and have two different lists of waiting email. This is an 'inconsistency' in the way 'locally' generated mail is being handled, and the way externally generated mail is being handled. *PROBABLY* because -one- mail server program is being started at boot time, and a _different_ program is being invoked when somebody sends locally from the command-line. Chasing this down can be a b*tch. Everything and it's cousins has the executable name 'sendmail' hard-coded into it for sending outgoing mail. Sometimes the original 'sendmail' is replaced by a different executable 'of the same name', that is really 'postfix', 'exim', 'qmail', or the dreaded 'something else'. Sometimes 'sendmail' is a switching program that determings -- by some arbitrary means (typically a configurtion file, stored 'somewhere')-- _which_ of many alternatives to call. Now _if_ the mailer started at boot time is *explicitly* named as something _other_ than sendmail, and is -not- what you get when you invoke the name 'sendmail', you have obvious potential for dissimilar behavior. this is _probably_ what is going on in your case. Local command-line mail is being delivered to an 'mbox' type mailbox, while 'remote' mail is being delivered to 'something different' -- I think recent versios of IMAP use a database-type struture rather than a simple 'mbox'. Everything works fine if I send email from a remote client (Thunderbird, Mail.app) and read the email with a remote client via IMAP. It's just the local email sending that seems to be broken. I'd like to get one of these two problems fixed so root can email me daily log files, which it can't do right now or I can't read via IMAP because they are't going to the right mailbox. Is there some simple I'm just messing up? Yes. grin The difficulty comes in identifying _which_ simple thing it is that is messed up. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix + Courier IMAP local email problems
On 12.04.2012 13:54, Robert Bonomi wrote: From owner-freebsd-questi...@freebsd.org Thu Apr 12 15:09:43 2012 Date: Thu, 12 Apr 2012 13:01:10 -0700 From: Ron rg.li...@rzweb.com To: freebsd-questions@freebsd.org Subject: Postfix + Courier IMAP local email problems I'm having a couple of issues with postfix and courier-imap on my new machine and I'm trying to figure out what is different from my old machine. I've checked every config file I think of and they both seem to be set up the same. Here are the two issues: If I send email from a local user (while SSH'd in using the command line mail) to another local user (mail t...@mysite.com) on the same machine, but using the full email address, I get the following error and the email bounced back: 553 5.3.5 mail.mysite.com. config error: mail loops back to me (MX problem?) 554 5.3.5 Local configuration error this is a 'well known' problem. The only thing I can think of is that mysite.com and mail.mysite.com (the mx record) do not point to the same server (which they did on my old machine). it's not that sample. grin I have also tried everything I can think of in how users are listed in postfix's virtual file and in /etc/aliases and server entries in main.cf. The problem is that the 'local' machine DOES NOT KNOW that it is supposed to accept mail for the domain specified in the email addressz. The server looks at the address, determines that it is *NOT* local, by whatever means 'postfix' uses to make that determination (it's the 'w' class in Sendmail), and goes off to query DNS for the MX for the 'remote' machine to send mail to. DNS returns this (the one asking for the 'remote' machine name) machine as the destination to deliver to. the local server =knows= that is incorrect, because it is not the delivery point for that domain. hence the error message, and 'return to sender' as undeliverable. This _is_ a configuration error in (probably) the local mailserver, or in the way the local hostname/domainname are set up.. I guess the question is: What is the configuration error? I've tried setting: mydestination = mysite.com, mail.mysite.com and it has no affect. The main.cf on my new machine is exactly the same as the main.cf on my old machine except for: virtual_alias_domains = mysite.com, mail.mysite.com which contains the domain of my new machine. master.cf is also identical. Is there a verbose mode I can put postfix into to see that the issue is? It should also be noted that mysite.com is a postfix virtual domain. This was true of my old machine as well, but I don't know if that matters. Sending email to t...@myserver.net produces the same MX error. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix INST_BASE option
On Thu, Nov 3, 2011 at 10:47 AM, Janos Dohanics w...@3dresearch.com wrote: Could you comment on the pros and cons of using INST_BASE=on in postfix on a production server? Great question! I know there has been some discussion to be able to choose your base MTA upon install but I don't know how far this has gone. I don't use that option but rather install it as a regular port, register it in mailer.conf when it asks you to and then do this in your rc.conf sendmail_enable=NO sendmail_submit_enable=NO sendmail_outbound_enable=NO sendmail_msp_queue_enable=NO postfix_enable=YES I haven't used the INST_BASE option out of fear that it might give me trouble on building world and upgrading. Also a new approach I'm taking is using EzJail for service jails so use a pure MTA jail and use the base sendmail as a relay to that. For the time being I'm using posfix on the base system to relay but in the future I plan to do it with the native sendmail and only use postfix on the MTA service jail. -- Alejandro Imass -- Janos Dohanics ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix INST_BASE option
On Thu, Nov 3, 2011 at 4:23 PM, Alejandro Imass a...@p2ee.org wrote: On Thu, Nov 3, 2011 at 10:47 AM, Janos Dohanics w...@3dresearch.com wrote: Could you comment on the pros and cons of using INST_BASE=on in postfix on a production server? Great question! I know there has been some discussion to be able to choose your base MTA upon install but I don't know how far this has gone. I don't use that option but rather install it as a regular port, register it in mailer.conf when it asks you to and then do this in your rc.conf sendmail_enable=NO sendmail_submit_enable=NO sendmail_outbound_enable=NO sendmail_msp_queue_enable=NO postfix_enable=YES You can do this a lot easier with just: sendmail_enable=NONE postfix_enable=YES -- chs, ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix INST_BASE option
Christer Solskogen christer.solsko...@gmail.com writes: Hi, You can do this a lot easier with just: sendmail_enable=NONE From rc.sendmail(8) : RC.CONF VARIABLES The following variables affect the behavior of rc.sendmail. They are defined in /etc/defaults/rc.conf and can be changed in /etc/rc.conf. sendmail_enable (str) If set to ``YES'', run the sendmail(8) daemon at system boot time. If set to ``NO'', do not run a sendmail(8) daemon to listen for incoming network mail. This does not preclude a sendmail(8) daemon listening on the SMTP port of the loopback interface. The ``NONE'' option is deprecated and should not be used. It will be removed in a future release. Regards Éric Masson -- CS: Oui mais alors moi je me construis une souris avec autant de boutons qu'applis et je fais des racourcis, rena ! :-) LP: Ah oui, mais alors là il va falloir acheter des doigts, rerena! ;-p -+- LP in Guide du Macounet Pervers : Vous m'en mettrez une poignée -+- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix INST_BASE option
On Thu, Nov 3, 2011 at 6:19 PM, Eric Masson e...@free.fr wrote: From rc.sendmail(8) : snip See, know I also learned something today :-) -- chs, ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix INST_BASE option
Janos Dohanics w...@3dresearch.com writes: Could you comment on the pros and cons of using INST_BASE=on in postfix on a production server? I wouldn't describe either the pros or the cons as particularly strong. If you're not going to use sendmail, you might want to remove it. If you do source upgrades, then setting WITHOUT_SENDMAIL in src.conf will keep it from getting built or installed, and will enable you to remove the existing sendmail files as part of make delete-old. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix INST_BASE option
On Thu, 3 Nov 2011 11:23:46 -0400 Alejandro Imass a...@p2ee.org wrote: On Thu, Nov 3, 2011 at 10:47 AM, Janos Dohanics w...@3dresearch.com wrote: Could you comment on the pros and cons of using INST_BASE=on in postfix on a production server? Great question! I know there has been some discussion to be able to choose your base MTA upon install but I don't know how far this has gone. I don't use that option but rather install it as a regular port, register it in mailer.conf when it asks you to and then do this in your rc.conf sendmail_enable=NO sendmail_submit_enable=NO sendmail_outbound_enable=NO sendmail_msp_queue_enable=NO postfix_enable=YES I haven't used the INST_BASE option out of fear that it might give me trouble on building world and upgrading. Also a new approach I'm taking is using EzJail for service jails so use a pure MTA jail and use the base sendmail as a relay to that. For the time being I'm using posfix on the base system to relay but in the future I plan to do it with the native sendmail and only use postfix on the MTA service jail. -- Alejandro Imass That's exactly what I have done when setting up systems, as well as setting WITHOUT_SENDMAIL in src.conf, as Lowell Gilbert mentioned. With the above options, Sendmail is disabled, is not being built with buildworld, and Postfix is installed as regular port in /usr/local. If INST_BASE=off is the default, what's then the usage scenario when I still would want to change it? -- Janos Dohanics ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix / windows live mail problems (possibly OT)
Your postfix does not relay mails from this client. See http://www.postfix.org/SMTPD_ACCESS_README.html http://www.postfix.org/SMTPD_ACCESS_README.htmlI suggest you to remove your IPs from messages next time. By the way, postfix should have its own mail-list, not freebsd:) On Wed, Mar 16, 2011 at 11:35 PM, Mark Moellering m...@msen.com wrote: I recently set up a postfix mail server on freebsd 8.1 with dovecot. I am having trouble sending mail using Windows Live Mail. The error I see in the logfiles is: Mar 16 13:13:57 mail postfix/smtpd[5159]: connect from c-68-40-255-141.hsd1.mi.comcast.net[68.40.255.141] Mar 16 13:13:57 mail postfix/smtpd[5159]: NOQUEUE: reject: RCPT from c-68-40-255-141.hsd1.mi.comcast.net[68.40.255.141]: 554 5.7.1 m...@.com: Relay access denied; from=b...@.com to= m...@.com proto=ESMTP helo=HPPC Mar 16 13:13:57 mail postfix/smtpd[5159]: disconnect from c-68-40-255-141.hsd1.mi.comcast.net[68.40.255.141] The error Windows Live displays is: Server Error: 554 Server Response: 554 5.7.1 m...@.com: Relay access denied Server: 'mail..com' Windows Live Mail Error ID: 0x800CCC79 Protocol: SMTP Port: 587 Secure(SSL): No If anyone can point me to a better list or otherwise help out, it would be greatly appreciated. Naturally, Thunderbird and KDE-Mail work fine... Mark Moellering Class-Creator . com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix / windows live mail problems (possibly OT)
My apologies, I could not find the postfix mailing list initially. (it has been a Deal with Microsoft software day...) I have now found the proper list, Thank You On 16-Mar-11 5:15 PM, Ilya Kazakevich wrote: Your postfix does not relay mails from this client. See http://www.postfix.org/SMTPD_ACCESS_README.html I suggest you to remove your IPs from messages next time. By the way, postfix should have its own mail-list, not freebsd:) On Wed, Mar 16, 2011 at 11:35 PM, Mark Moellering m...@msen.com mailto:m...@msen.com wrote: I recently set up a postfix mail server on freebsd 8.1 with dovecot. I am having trouble sending mail using Windows Live Mail. The error I see in the logfiles is: Mar 16 13:13:57 mail postfix/smtpd[5159]: connect from c-68-40-255-141.hsd1.mi.comcast.net http://c-68-40-255-141.hsd1.mi.comcast.net[68.40.255.141] Mar 16 13:13:57 mail postfix/smtpd[5159]: NOQUEUE: reject: RCPT from c-68-40-255-141.hsd1.mi.comcast.net http://c-68-40-255-141.hsd1.mi.comcast.net[68.40.255.141]: 554 5.7.1 m...@.com mailto:m...@.com: Relay access denied; from=b...@.com mailto:b...@.com to=m...@.com mailto:m...@.com proto=ESMTP helo=HPPC Mar 16 13:13:57 mail postfix/smtpd[5159]: disconnect from c-68-40-255-141.hsd1.mi.comcast.net http://c-68-40-255-141.hsd1.mi.comcast.net[68.40.255.141] The error Windows Live displays is: Server Error: 554 Server Response: 554 5.7.1 m...@.com mailto:m...@.com: Relay access denied Server: 'mail..com http://mail..com' Windows Live Mail Error ID: 0x800CCC79 Protocol: SMTP Port: 587 Secure(SSL): No If anyone can point me to a better list or otherwise help out, it would be greatly appreciated. Naturally, Thunderbird and KDE-Mail work fine... Mark Moellering Class-Creator . com ___ freebsd-questions@freebsd.org mailto:freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org mailto:freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix / windows live mail problems (possibly OT)
On Wed, 16 Mar 2011 17:48:36 -0400 Mark Moellering m...@msen.com articulated: My apologies, I could not find the postfix mailing list initially. (it has been a Deal with Microsoft software day...) I have now found the proper list, Thank You Before posting to the Postfix list, follow the directions on the Postfix debug page: http://www.postfix.com/DEBUG_README.html. In addition, lose the Top Posting technique. I can assure you it will not be appreciated there. Specifically: Reporting problems to postfix-us...@postfix.org The people who participate on postfix-us...@postfix.org are very helpful, especially if YOU provide them with sufficient information. Remember, these volunteers are willing to help, but their time is limited. When reporting a problem, be sure to include the following information. A summary of the problem. Please do not just send some logging without explanation of what YOU believe is wrong. Complete error messages. Please use cut-and-paste, or use attachments, instead of reciting information from memory. Output from postconf -n. Please do not send your main.cf file, or 500+ lines of postconf output. Better, provide output from the postfinger tool. This can be found at http://ftp.wl0.org/SOURCES/postfinger. If the problem is SASL related, consider including the output from the saslfinger tool. This can be found at http://postfix.state-of-mind.de/patrick.koetter/saslfinger/. I use Windows Live Mail via Postfix all the time. I know it works quite well. You probably do not have SASL or some other simple thing configured incorrectly. This is not a Windows Live Mail problem. -- Jerry ✌ freebsd.u...@seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ The latest toy has just hit the shops - a talking Muslim doll. Nobody knows what the hell it says because no one's got the balls to pull the cord. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix and Gmail
On Sat, Dec 11, 2010 at 11:03 AM, Redd Vinylene reddvinyl...@gmail.comwrote: Anybody hooked their Postfix servers up with Gmail to use it as a client? I'm tired of all this using mutt on several boxes, setting up virtual MySQL accounts and domains with crap webapps. Figured I'd just use Gmail for it all and be done with it. Curious what sort of experiences y'all have though. In theory, you should be able to plop your POP3/IMAP info into GMail and be off and running. (I would set up lables to sort your mail tho) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix and Gmail
Redd Vinylene wrote: Anybody hooked their Postfix servers up with Gmail to use it as a client? [snip] Hate to break it you, but Postfix is not client software. FWIW though, there are two problem areas wrt to running a mail server. There's running the mail server itself, and then there's trying to run a mail server with bad broken DNS. You'd be surprised by how often 'mail' problems turn out to be the latter. -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix and Gmail
Redd Vinylene reddvinyl...@gmail.com 쓰시길: Anybody hooked their Postfix servers up with Gmail to use it as a client? I'm tired of all this using mutt on several boxes, setting up virtual MySQL accounts and domains with crap webapps. Figured I'd just use Gmail for it all and be done with it. Curious what sort of experiences y'all have though. It's not impossible. There are several how-to documents. See Google. What i found are: [1] http://wiki.linuxmce.org/index.php/Postfix_configured_with_Gmail_SMTP [2] http://souptonuts.sourceforge.net/postfix_tutorial.html -- 소여물 황병희(黃炳熙) | .. 출항 15분전.. Mr. Corleone promises only to speak in your favor on this labor trouble as a matter of friendship in return for your speaking in behalf of his client. -- Tom Hagen, Chapter 1, page 61 pgpIeOZt7u1Vc.pgp Description: PGP signature
Re: postfix installed in base, mailwrapper spins using 100% CPU
On Thu, Oct 07, 2010 at 10:40:22AM +0100, Bruce Cran wrote: Hi, I installed a new server recently with postfix. I first rebuilt world using WITH_SENDMAIL=no and removed the sendmail files using 'make delete-old'. I installed postfix in /usr but now mailwrapper doesn't work - it runs using 100% CPU and never quits. I suspect it might be stuck in a loop trying to run the sendmail binary and being redirected back to itself. So /etc/mail/mailer.conf contains: sendmail/usr/sbin/sendmail send-mail /usr/sbin/sendmail mailq /usr/sbin/sendmail newaliases /usr/sbin/sendmail and /usr/sbin/sendmail is: lrwxr-xr-x 1 root wheel 21 Oct 2 09:50 /usr/sbin/sendmail - /usr/sbin/mailwrapper Should it actually be the sendmail binary that postfix installs, and if so I'm wondering how it could have ended up being a symlink? You should use src.conf(5) and set WITHOUT_SENDMAIL=yes to avoid building sendmail nowadays. Postfix normally (when installed from ports) installs a fake sendmail binary in /usr/local/bin. So mailer.conf should contain the following: # # Execute the Postfix sendmail program, named /usr/local/sbin/sendmail # sendmail/usr/local/sbin/sendmail send-mail /usr/local/sbin/sendmail mailq /usr/local/sbin/sendmail newaliases /usr/local/sbin/sendmail and rc.conf should have: sendmail_enable=NONE Regards, -- Frank Contact info: http://www.shute.org.uk/misc/contact.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix installed in base, mailwrapper spins using 100% CPU
On Thu, 7 Oct 2010 14:38:54 +0100 Frank Shute fr...@shute.org.uk wrote: You should use src.conf(5) and set WITHOUT_SENDMAIL=yes to avoid building sendmail nowadays. I don't know why I said I had WITH_SENDMAIL=no, because I actually have WITHOUT_SENDMAIL=yes in /etc/src.conf! Postfix normally (when installed from ports) installs a fake sendmail binary in /usr/local/bin. I think the problem occurs because in the OPTIONS menu I told it to install to /usr: INST_BASE Install into /usr and /etc/postfix I guess I need to remove /usr/sbin/sendmail and reinstall postfix. -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix bad command startup??
On 5/31/10, Kaya Saman samank...@netscape.net wrote: Hi, similar like I wrote before, to do with my migration from Solaris 9 to FreeBSD 8.0 x64 RELEASE. Postfix is being run in a BSD Jail and so far I have disabled as much as I could of sendmail which I did this to rc.conf within the jail: postfix_enable=YES sendmail_enable=NONE sendmail_submit_enable=NO sendmail_outbound_enable=NO sendmail_msp_queue_enable=NO However upon startup Postfix gives me this problem: May 31 18:03:18 relay postfix/master[4280]: warning: /usr/local/libexec/postfix/smtpd: bad command startup -- throttling May 31 18:04:18 relay postfix/smtpd[4606]: fatal: open database /etc/aliases.db: No such file or directory May 31 18:04:19 relay postfix/master[4280]: warning: process /usr/local/libexec/postfix/smtpd pid 4606 exit status 1 May 31 18:04:19 relay postfix/master[4280]: warning: /usr/local/libexec/postfix/smtpd: bad command startup -- throttling May 31 18:05:19 relay postfix/smtpd[4629]: fatal: open database /etc/aliases.db: No such file or directory May 31 18:05:20 relay postfix/master[4280]: warning: process /usr/local/libexec/postfix/smtpd pid 4629 exit status 1 May 31 18:05:20 relay postfix/master[4280]: warning: /usr/local/libexec/postfix/smtpd: bad command startup -- throttling I can tell that it's listening as netstat -ap tcp reveals this: netstat: kvm not available: /dev/mem: No such file or directory Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp4 0 0 relay.smtp 110.52.7.217.2140 ESTABLISHED tcp4 0 0 relay.smtp web112111.mail.g.33920 ESTABLISHED tcp4 0 0 relay.smtp 110.52.6.29.4643 ESTABLISHED tcp4 0 0 relay.smtp 78-61-12-207.sta.28507 CLOSED tcp4 0 0 relay.smtp 78-61-12-207.sta.27646 CLOSE_WAIT tcp4 0 0 relay.smtp 78-61-12-207.sta.26479 CLOSE_WAIT tcp4 0 0 relay.smtp 110.52.6.35.2109 ESTABLISHED tcp4 0 0 relay.smtp 78-61-12-207.sta.23305 CLOSED tcp4 0 0 relay.smtp 78-61-12-207.sta.22314 CLOSE_WAIT tcp4 0 0 relay.smtp 78-61-12-207.sta.21323 CLOSE_WAIT tcp4 0 0 relay.ssh *.*LISTEN tcp4 0 0 relay.smtp *.*LISTEN /var/log/messages gives me this: May 31 18:10:24 relay postfix/smtpd[4662]: fatal: open database /etc/aliases.db: No such file or directory however I did run the command newaliases which did create the aliases file under /etc/mail/aliases with the aliases.db file being under there as well as under /etc. Currently no mail is being relayed throughout the domain so I can tell that it's not working as even the /var/log/maillog file is telling me that messages are queued but not sent if I use: mail -s test em...@address.com test ^D Can someone please help me work out what is causing Postfix to fail as I've managed to migrate my config from Linux to Solaris with not as many issues and problems as this so it really beats me... Many thanks, Kaya Kaya, You may need to edit the following alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases and run BOTH 'newaliases' and 'postalias /etc/aliases' depending on your setup. restart postfix for good measure if you telnet to your postfix IP and get the 220 banner, postfix is happy with the config and should work as config'd. if after establishing a telnet session, you don't get any banner, postfix is still having problems with something. start looking at logs again. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix bad command startup??
On 31/05/2010 22:07, Tim Judd wrote: On 5/31/10, Kaya Samansamank...@netscape.net wrote: Hi, similar like I wrote before, to do with my migration from Solaris 9 to FreeBSD 8.0 x64 RELEASE. Postfix is being run in a BSD Jail and so far I have disabled as much as I could of sendmail which I did this to rc.conf within the jail: postfix_enable=YES sendmail_enable=NONE sendmail_submit_enable=NO sendmail_outbound_enable=NO sendmail_msp_queue_enable=NO However upon startup Postfix gives me this problem: May 31 18:03:18 relay postfix/master[4280]: warning: /usr/local/libexec/postfix/smtpd: bad command startup -- throttling May 31 18:04:18 relay postfix/smtpd[4606]: fatal: open database /etc/aliases.db: No such file or directory May 31 18:04:19 relay postfix/master[4280]: warning: process /usr/local/libexec/postfix/smtpd pid 4606 exit status 1 May 31 18:04:19 relay postfix/master[4280]: warning: /usr/local/libexec/postfix/smtpd: bad command startup -- throttling May 31 18:05:19 relay postfix/smtpd[4629]: fatal: open database /etc/aliases.db: No such file or directory May 31 18:05:20 relay postfix/master[4280]: warning: process /usr/local/libexec/postfix/smtpd pid 4629 exit status 1 May 31 18:05:20 relay postfix/master[4280]: warning: /usr/local/libexec/postfix/smtpd: bad command startup -- throttling I can tell that it's listening as netstat -ap tcp reveals this: netstat: kvm not available: /dev/mem: No such file or directory Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp4 0 0 relay.smtp 110.52.7.217.2140 ESTABLISHED tcp4 0 0 relay.smtp web112111.mail.g.33920 ESTABLISHED tcp4 0 0 relay.smtp 110.52.6.29.4643 ESTABLISHED tcp4 0 0 relay.smtp 78-61-12-207.sta.28507 CLOSED tcp4 0 0 relay.smtp 78-61-12-207.sta.27646 CLOSE_WAIT tcp4 0 0 relay.smtp 78-61-12-207.sta.26479 CLOSE_WAIT tcp4 0 0 relay.smtp 110.52.6.35.2109 ESTABLISHED tcp4 0 0 relay.smtp 78-61-12-207.sta.23305 CLOSED tcp4 0 0 relay.smtp 78-61-12-207.sta.22314 CLOSE_WAIT tcp4 0 0 relay.smtp 78-61-12-207.sta.21323 CLOSE_WAIT tcp4 0 0 relay.ssh *.*LISTEN tcp4 0 0 relay.smtp *.*LISTEN /var/log/messages gives me this: May 31 18:10:24 relay postfix/smtpd[4662]: fatal: open database /etc/aliases.db: No such file or directory however I did run the command newaliases which did create the aliases file under /etc/mail/aliases with the aliases.db file being under there as well as under /etc. Currently no mail is being relayed throughout the domain so I can tell that it's not working as even the /var/log/maillog file is telling me that messages are queued but not sent if I use: mail -s test em...@address.com test ^D Can someone please help me work out what is causing Postfix to fail as I've managed to migrate my config from Linux to Solaris with not as many issues and problems as this so it really beats me... Many thanks, Kaya Kaya, You may need to edit the following alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases and run BOTH 'newaliases' and 'postalias /etc/aliases' depending on your setup. restart postfix for good measure if you telnet to your postfix IP and get the 220 banner, postfix is happy with the config and should work as config'd. if after establishing a telnet session, you don't get any banner, postfix is still having problems with something. start looking at logs again. Thanks so much Tim!!! :-) I hadn't used the 'postalias /etc/aliases' command at all so running it now actually made the system work pretty well.. At least I haven't restarted the Jail yet but so far everything works! I just hope this stays permanently as I find Jails a bit less stable then Solaris Zones which is what I'm trying to mimic with them; however, it might just be because I don't know how to use them yet as I've only just learned about how to create them and run simple services in them. Meaning that my statement is probably wy premature!! Now if I could just figure out how to start Squid through the rc.d scripts rather then running manually as root user as per my other posting that would be really cool... Best Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix signal 11
On Tue, Apr 27, 2010 at 11:17 AM, Ron rg.li...@rzweb.com wrote: After I did a big portupgrade on the April 25th, I am now getting a lot these... +pid 53508 (conftest), uid 0: exited on signal 11 (core dumped) +pid 28553 (smtp), uid 125: exited on signal 11 +pid 28569 (smtp), uid 125: exited on signal 11 +pid 28657 (smtp), uid 125: exited on signal 11 ..in my logs. I've tried forcing a rebuild of postfix and all dependency to no avail. I don't seem to be loosing any email. I'm assuming it's postfix (I don't use sendmail), but I could be wrong. Anyone know what this is or where I should start looking? Did I not upgrade something correctly after the big changes? Thanks Signal 11, or SIGSEGV, is a segmentation violation. It occurs when a program makes an invalid memory reference. The program exits (crashes) and leaves a dump of it's memory image on the file system somewhere. The memory image, a .core file, is somewhere on your file system and will allow the application (I assume Postfix) to be debugged (using gdb). -Brandon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix signal 11
Ron wrote: After I did a big portupgrade on the April 25th, I am now getting a lot these... +pid 53508 (conftest), uid 0: exited on signal 11 (core dumped) +pid 28553 (smtp), uid 125: exited on signal 11 +pid 28569 (smtp), uid 125: exited on signal 11 +pid 28657 (smtp), uid 125: exited on signal 11 ..in my logs. I've tried forcing a rebuild of postfix and all dependency to no avail. I don't seem to be loosing any email. I'm assuming it's postfix (I don't use sendmail), but I could be wrong. Anyone know what this is or where I should start looking? Did I not upgrade something correctly after the big changes? One quick thing you can check is your /etc/mail/mailer.conf: # Execute the Postfix sendmail program, named /usr/local/sbin/sendmail # sendmail /usr/local/sbin/sendmail send-mail/usr/local/sbin/sendmail mailq/usr/local/sbin/sendmail newaliases /usr/local/sbin/sendmail I've had this happen before when I did a system rebuild and the original system based sendmail became used again instead of the Postfix install. If this file got reset back to pointing at the system sendmail somehow you will see these errors. IIRC Postfix has a switch which selects where it gets installed. Perhaps the upgrade didn't put it back where it originally was located, in which case you are again executing the sendmail binary instead of the mail getting picked up by Postfix. This is what my current /etc/rc.conf looks like: #sendmail_enable=NONE postfix_enable=YES sendmail_enable=NO #sendmail_flags=-bd #sendmail_pidfile=/var/spool/postfix/pid/master.pid #sendmail_procname=/usr/local/libexec/postfix/master sendmail_outbound_enable=NO sendmail_submit_enable=NO sendmail_msp_queue_enable=NO Also, if you are using sasl auth you might try rebuilding that as well. You might get more info looking in the /var/log/maillog too. Just a few quickies off the top of my head to get started with... -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix in base system
On Wednesday 07 April 2010 13:34:07 Jerry wrote: I noticed that someone in another thread mentioned: quote (2010-03-22) added option to install Postfix into the base /quote I have not been able to locate that item. Could someone list the URL for that notice or tell me where to look for it? :-? Thanks %-\ I found it in the cvsweb interface to the ports tree: http://www.freebsd.org/cgi/cvsweb.cgi/ports/mail/postfix/Makefile Which lists rev1.155 with the commit message: Add an option to install into the base, and related support HTH Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix/amavids/sa/etc in FreeBSD jail?
Le Fri, 9 Oct 2009 20:35:20 +0200, Len Conrad lcon...@go2france.com a écrit : is a FreeBSD jail enough of a virtualized OS to run a full filtering MX config setup exactly as on a native FreeBSD? Yes. Here I use one jail acting as a mail gateway and one for mail delivery. Works like a charm as it should. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix doesn't start
Le dimanche 4 octobre 2009 21:33:12 Vinzstyle, vous avez écrit : Le dimanche 4 octobre 2009 21:09:05 jgi...@gmail.com, vous avez écrit : What are the actual permissions on the lock file, not just the containing directory? Josh Sent via BlackBerry from T-Mobile -Original Message- From: Vinzstyle vinzst...@free.fr Date: Sun, 4 Oct 2009 20:41:32 To: freebsd-questions@freebsd.org Subject: Postfix doesn't start Hi, I installed Postfix with PCRE support from the ports collection, but I get this error when I try to start it : Oct 4 20:22:09 mail postfix/postfix-script[47114]: starting the Postfix mail system Oct 4 20:22:09 mail postfix/master[47115]: fatal: open lock file /var/db/postfix/master.lock: cannot open file: Permission denied [r...@mail /]# ls -ld /var/db/postfix/ drwx-- 2 postfix wheel 512 Oct 4 20:16 /var/db/postfix/ The mail_owner directive is set to postfix in main.cf Is there some things to set up after the make install ? Did I miss something ? I'm running FreeBSD-7.2-RELEASE, and Postfix(-2.5.6,1) is started inside a jail. Thanks for your help :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org The file isn't created by make install. If I create it with permissions 666 and postfix as owner, I get the same error message... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Hi, sorry, it was my fault :) Permissions were 750 on a parent directory... Thanks for your help anyway :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix doesn't start
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Vinzstyle wrote: Hi, I installed Postfix with PCRE support from the ports collection, but I get this error when I try to start it : Oct 4 20:22:09 mail postfix/postfix-script[47114]: starting the Postfix mail system Oct 4 20:22:09 mail postfix/master[47115]: fatal: open lock file /var/db/postfix/master.lock: cannot open file: Permission denied [r...@mail /]# ls -ld /var/db/postfix/ drwx-- 2 postfix wheel 512 Oct 4 20:16 /var/db/postfix/ The mail_owner directive is set to postfix in main.cf Is there some things to set up after the make install ? Did I miss something ? I'm running FreeBSD-7.2-RELEASE, and Postfix(-2.5.6,1) is started inside a jail. Thanks for your help :) Hi there, Whenever I run into problems like this and I can't easily resolve them, I turn to truss (http://bit.ly/yipvq) or strace (http://bit.ly/1oXQ4v) so I can see exactly what's happening to cause the permission denied message. If you want, post output from those tools back here, and I'm sure someone can help you narrow the problem down. Cheers, Greg - -- Greg Larkin http://www.FreeBSD.org/ - The Power To Serve http://www.sourcehosting.net/ - Ready. Set. Code. http://twitter.com/sourcehosting/ - Follow me, follow you -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFKyfNS0sRouByUApARAloSAJ4m2N1prTe0UiabVrlkTytmcd9jqACeO2hm DO3gs2YDX/bWYNhJnsdV+1Y= =QtfE -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix doesn't start
Le dimanche 4 octobre 2009 21:09:05 jgi...@gmail.com, vous avez écrit : What are the actual permissions on the lock file, not just the containing directory? Josh Sent via BlackBerry from T-Mobile -Original Message- From: Vinzstyle vinzst...@free.fr Date: Sun, 4 Oct 2009 20:41:32 To: freebsd-questions@freebsd.org Subject: Postfix doesn't start Hi, I installed Postfix with PCRE support from the ports collection, but I get this error when I try to start it : Oct 4 20:22:09 mail postfix/postfix-script[47114]: starting the Postfix mail system Oct 4 20:22:09 mail postfix/master[47115]: fatal: open lock file /var/db/postfix/master.lock: cannot open file: Permission denied [r...@mail /]# ls -ld /var/db/postfix/ drwx-- 2 postfix wheel 512 Oct 4 20:16 /var/db/postfix/ The mail_owner directive is set to postfix in main.cf Is there some things to set up after the make install ? Did I miss something ? I'm running FreeBSD-7.2-RELEASE, and Postfix(-2.5.6,1) is started inside a jail. Thanks for your help :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org The file isn't created by make install. If I create it with permissions 666 and postfix as owner, I get the same error message... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix doesn't start
What are the actual permissions on the lock file, not just the containing directory? Josh Sent via BlackBerry from T-Mobile -Original Message- From: Vinzstyle vinzst...@free.fr Date: Sun, 4 Oct 2009 20:41:32 To: freebsd-questions@freebsd.org Subject: Postfix doesn't start Hi, I installed Postfix with PCRE support from the ports collection, but I get this error when I try to start it : Oct 4 20:22:09 mail postfix/postfix-script[47114]: starting the Postfix mail system Oct 4 20:22:09 mail postfix/master[47115]: fatal: open lock file /var/db/postfix/master.lock: cannot open file: Permission denied [r...@mail /]# ls -ld /var/db/postfix/ drwx-- 2 postfix wheel 512 Oct 4 20:16 /var/db/postfix/ The mail_owner directive is set to postfix in main.cf Is there some things to set up after the make install ? Did I miss something ? I'm running FreeBSD-7.2-RELEASE, and Postfix(-2.5.6,1) is started inside a jail. Thanks for your help :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix + cyrus sasl: no go
On Sat, 19 Sep 2009 17:05:24 -0500 Jarrod Slick jarrod...@gmail.com wrote: use dovecot . . . I spent days trying to get postfix configured with cyrus sasl, tweaking everything I could think of multiple times, and I still couldn't get it to work. Tried dovecot and had everything working in 10 minutes. Please don't top post. If you don't know what that means, Google for it. If the OP has 'dovecot' all ready installed, that might be a viable option. Otherwise, he would be better off to simply configure SASL2 correctly. I would strongly recommend that the OP reads the Postfix documentation on SASL as well as visiting: http://postfix.state-of-mind.de/patrick.koetter/saslfinger/ and downloading and running the 'saslfinger' utility. He can then post the output preferably the Postfix forum, or else here. -- Gerard ger...@seibercom.net A well-known friend is a treasure. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix + cyrus sasl: no go
On Sat, 19 Sep 2009 06:33:00 -0700 (PDT) Colin Brace c...@lim.nl wrote: Hi all, I have compiled postfix with the SASL2 option. After creating the saslpass file, I added the appropriate lines to main.cf: smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/usr/local/etc/postfix/saslpass smtp_sasl_security_options = and restarted postfix. However, when I try to send an email, I see these lines in maillog: Sep 19 15:07:19 venus postfix/smtp[75188]: warning: unsupported SASL client implementation: cyrus Sep 19 15:07:19 venus postfix/smtp[75188]: fatal: SASL library initialization Also, postconf -A doesn't return anything. FWIW, postconf -a returns dovecot. Any ideas what is going wrong here? versions: postfix-2.6.5,1 cyrus-sasl-2.1.23 FreeBSD 7.0 This question really belongs on the Postfix forum. In any case: 1) Post the complete output of postconf -n 2) Post the contents of: /usr/local/lib/sasl2/smtpd.conf 3) Please check: http://www.postfix.org/SASL_README.html 4) Post the output of a telnet session to your mail server In the mail/postfix directory, do a make rmconfig then redo the config; i.e., make config. Be sure to enable SASL2. You also will probably need to enable a database format; i.e.,berkley, MySql or whatever you intend to use. If you ever intend to use TLS/SSL, now would be the time to enable it. Then do: make clean make deinstall make reinstall make distclean Check again with a telnet session and post the output if it still does not work. -- Jerry ges...@yahoo.com I was in Vegas last week. I was at the roulette table, having a lengthy argument about what I considered an Odd number. Steven Wright ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix + cyrus sasl: no go
Jerry-107 wrote: 2) Post the contents of: /usr/local/lib/sasl2/smtpd.conf Jerry, this file doesn't exist on my system. - Colin Brace Amsterdam http://lim.nl -- View this message in context: http://www.nabble.com/postfix-%2B-cyrus-sasl%3A-no-go-tp25521649p25523570.html Sent from the freebsd-questions mailing list archive at Nabble.com. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix + cyrus sasl: no go
On Sat, 19 Sep 2009 10:12:40 -0700 (PDT) Colin Brace c...@lim.nl wrote: Jerry-107 wrote: 2) Post the contents of: /usr/local/lib/sasl2/smtpd.conf Jerry, this file doesn't exist on my system. Please, check the URL I sent previously. You have SASL2 configured incorrectly. It needs the smtpd.conf file to work correctly. There is an abundance of documentation of the Postfix site describing how to configure the file. Start with the URL I sent you. You really should post on the Postfix forum for best results also. -- Jerry ges...@yahoo.com Why you say you no bunny rabbit when you have little powder-puff tail? The Tasmanian Devil ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: postfix + cyrus sasl: no go
use dovecot . . . I spent days trying to get postfix configured with cyrus sasl, tweaking everything I could think of multiple times, and I still couldn't get it to work. Tried dovecot and had everything working in 10 minutes. On Sat, Sep 19, 2009 at 12:44 PM, Jerry ges...@yahoo.com wrote: On Sat, 19 Sep 2009 10:12:40 -0700 (PDT) Colin Brace c...@lim.nl wrote: Jerry-107 wrote: 2) Post the contents of: /usr/local/lib/sasl2/smtpd.conf Jerry, this file doesn't exist on my system. Please, check the URL I sent previously. You have SASL2 configured incorrectly. It needs the smtpd.conf file to work correctly. There is an abundance of documentation of the Postfix site describing how to configure the file. Start with the URL I sent you. You really should post on the Postfix forum for best results also. -- Jerry ges...@yahoo.com Why you say you no bunny rabbit when you have little powder-puff tail? The Tasmanian Devil ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix communicating with IPFW
Jos Chrispijn [EMAIL PROTECTED] wrote: I recently got attacked with some dsl subscribers of this (imaginary) some.net domain. These subscribers present themselves as [ip address.dynamic.some.net]. Postfix SMTP server: errors from 66-66-66-166.dynamic.some.net [66.66.66.166] What I would like to do is to generate a some.net list with all these dynamic ip addresses and provide them to my ipfw firewall in order to block them on the moment that they try to relay a 2nd time thru my server. This will cause less process time as it is quicker to send someone home by the doorkeeper (ipfw) rather than check his credentials first (Postfix) and tell him to get lost. True, but Postfix can handle these rejects just fine though YMMV depending on your load and other aspects of your setup to which we aren't privy. Is there any way to let postfix 'communicate' with my ipfw firewall? No, but you can write a script that parses your maillog and accordingly updates firewall rules. Tools like fail2ban are often mentioned here -- check the archives and adapt as necessary. -- Sahil Tandon [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix communicating with IPFW
Sahil Tandon [EMAIL PROTECTED] wrote:
Jos Chrispijn [EMAIL PROTECTED] wrote:
I recently got attacked with some dsl subscribers of this (imaginary)
some.net domain.
These subscribers present themselves as [ip address.dynamic.some.net].
Postfix SMTP server: errors from 66-66-66-166.dynamic.some.net
[66.66.66.166]
One more thing: I use the following PCRE to block dynamic-looking IPs at
SMTP and it really isn't resource intensive.
/\d+([-\.]\d+){3}/ REJECT Generic hostnames prohibited.
--
Sahil Tandon [EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix communicating with IPFW
Thank you all for sharing your expertise! I will follow all the suggestions that have been made in order to solve the matter. Jos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix, maildir's, and writing filters
On Tue, 2008-09-23 at 08:24 -0400, George Fazio wrote: Da Rock wrote: On Mon, 2008-09-22 at 20:53 -0400, George Fazio wrote: Da Rock wrote: Howdy. This may seem simple, but I'm completely green on this: I have a postfix server with a courier-imap client frontend using maildir's. I'm using imap for an internal mta, but I need to setup a system which retains copies of sent emails on the network and not on individual workstations (which is what happens currently). When you say courier-imap client, do you mean you're using maildrop to deliver the message to the user's maildir or that there is an end-user courier-imap client? I am only familiar with the maildrop piece of courier. I've looked at some of the solutions (bcc and send to a psuedo account for each user, bcc to the user and filter the incoming mail on this) but it seems like a very roundabout way of doing things. I've read up on Postfix, and there is support for custom filters, so: 1. what does it take to write one? 2. how does one copy email from one folder to another in maildirs? Is it possible? This is a classic case of over engineering. You do not want to bcc back to the user, or filter the mta, just move the outgoing messages to the sent folder. You might need bcc for the purposes of journaling all email, if you have any legal requirement (sox, hippa, etc.) that require it. But, that it another ball of wax entirely. This idea I have should filter the outgoing mail and copy the messages to the sent folder as well as retaining its place in the queue. If the end-user's client is using imap and configured properly, it should do this for you. Thurderbird, the full version of Outlook (and probably Express), and many other clients support this natively - you just have to make sure the client is configured to do that. Typically, in the configuration of the client, there is something that says something like save a copy of sent messages to folder of choice. I don't know what client you're using. I use Pine/Alpine, Thunderbird, and Outlook (when I have no other choice). If the end-user's client is using pop, then you have a problem that may require a custom solution like you speak of above. Any ideas? Maybe a link to some good info? I would like to know how to do this myself so I can do more in the future so info and pointers would be great (if you have a script you'd like to share then please show me how it works :) ). Cheers My mail system is running postfix (mta) w/ dovecot (for imap or pop access from the clients), maildrop (for delivering to a maildir), and amavis-new (for spam filtering and virus scanning w/ clamav). My mail clients are configured for imap, and they save copies of sent mail to the sent folder as expected. While I am using dovecot, and not courier, for my imap server - I cannot imagine that any other imap server would handle things any differently ... it's core functionality that ever imap server should have imho. -George Me too. It may be possible to save a copy in evolution, but I haven't found it in all clients. Plus my system needs to be suitable for a webmail system, and yes some pop clients. You sound like you know maildrop very well, I was considering using it as a part of the solution. If I wrote a milter script for postfix, is it possible to pass the message to maildrop so that it can take care of the formalities such as filenames and formats and tell it to put it in a sent folder? Something like a shell or perl script that uses this line to run maildrop: maildrop -d $user Maildir/.Sent Obviously the message itself will be piped, and the $user will be obtained by copying the from field in the message. Would something like this work? I've been searching on google but haven't found a clear answer, they only mention using maildrop filters and commands there- not actual usage of the maildrop cli. Cheers If you wrote a filter for postfix, which I have no idea how to do, the maildrop command you sight looks good. A friend of mine is using round cube for web mail (I don't have webmail setup on my server), and it will also save a copy to the sent folder. Most of the web clients should provide this functionality. The pop clients are the ones that are going to be an issue. I'm not sure what Google is using for gmail. But, when I send a message using their smtp service, a copy goes into my account. So, what you're looking to do is obviously possible, but I do not have an experience with it as I have not had need for a solution yet. I would certainly be interested in what you come up with though. Another possible option is to configure the clients to always bcc the sender, and then write a maildrop rule. Something
Re: Postfix, maildir's, and writing filters
Da Rock wrote: On Mon, 2008-09-22 at 20:53 -0400, George Fazio wrote: Da Rock wrote: Howdy. This may seem simple, but I'm completely green on this: I have a postfix server with a courier-imap client frontend using maildir's. I'm using imap for an internal mta, but I need to setup a system which retains copies of sent emails on the network and not on individual workstations (which is what happens currently). When you say courier-imap client, do you mean you're using maildrop to deliver the message to the user's maildir or that there is an end-user courier-imap client? I am only familiar with the maildrop piece of courier. I've looked at some of the solutions (bcc and send to a psuedo account for each user, bcc to the user and filter the incoming mail on this) but it seems like a very roundabout way of doing things. I've read up on Postfix, and there is support for custom filters, so: 1. what does it take to write one? 2. how does one copy email from one folder to another in maildirs? Is it possible? This is a classic case of over engineering. You do not want to bcc back to the user, or filter the mta, just move the outgoing messages to the sent folder. You might need bcc for the purposes of journaling all email, if you have any legal requirement (sox, hippa, etc.) that require it. But, that it another ball of wax entirely. This idea I have should filter the outgoing mail and copy the messages to the sent folder as well as retaining its place in the queue. If the end-user's client is using imap and configured properly, it should do this for you. Thurderbird, the full version of Outlook (and probably Express), and many other clients support this natively - you just have to make sure the client is configured to do that. Typically, in the configuration of the client, there is something that says something like save a copy of sent messages to folder of choice. I don't know what client you're using. I use Pine/Alpine, Thunderbird, and Outlook (when I have no other choice). If the end-user's client is using pop, then you have a problem that may require a custom solution like you speak of above. Any ideas? Maybe a link to some good info? I would like to know how to do this myself so I can do more in the future so info and pointers would be great (if you have a script you'd like to share then please show me how it works :) ). Cheers My mail system is running postfix (mta) w/ dovecot (for imap or pop access from the clients), maildrop (for delivering to a maildir), and amavis-new (for spam filtering and virus scanning w/ clamav). My mail clients are configured for imap, and they save copies of sent mail to the sent folder as expected. While I am using dovecot, and not courier, for my imap server - I cannot imagine that any other imap server would handle things any differently ... it's core functionality that ever imap server should have imho. -George Me too. It may be possible to save a copy in evolution, but I haven't found it in all clients. Plus my system needs to be suitable for a webmail system, and yes some pop clients. You sound like you know maildrop very well, I was considering using it as a part of the solution. If I wrote a milter script for postfix, is it possible to pass the message to maildrop so that it can take care of the formalities such as filenames and formats and tell it to put it in a sent folder? Something like a shell or perl script that uses this line to run maildrop: maildrop -d $user Maildir/.Sent Obviously the message itself will be piped, and the $user will be obtained by copying the from field in the message. Would something like this work? I've been searching on google but haven't found a clear answer, they only mention using maildrop filters and commands there- not actual usage of the maildrop cli. Cheers If you wrote a filter for postfix, which I have no idea how to do, the maildrop command you sight looks good. A friend of mine is using round cube for web mail (I don't have webmail setup on my server), and it will also save a copy to the sent folder. Most of the web clients should provide this functionality. The pop clients are the ones that are going to be an issue. I'm not sure what Google is using for gmail. But, when I send a message using their smtp service, a copy goes into my account. So, what you're looking to do is obviously possible, but I do not have an experience with it as I have not had need for a solution yet. I would certainly be interested in what you come up with though. Another possible option is to configure the clients to always bcc the sender, and then write a maildrop rule. Something like if (/^From:[EMAIL PROTECTED]/) to Maildir/.Sent might work (I have not tested this rule, it may not function as desired). That would have to go in the .mailfilter file in each user's home dir. I think you can have global
Re: Postfix, maildir's, and writing filters
On Tue, 2008-09-23 at 08:24 -0400, George Fazio wrote: Da Rock wrote: On Mon, 2008-09-22 at 20:53 -0400, George Fazio wrote: Da Rock wrote: Howdy. This may seem simple, but I'm completely green on this: I have a postfix server with a courier-imap client frontend using maildir's. I'm using imap for an internal mta, but I need to setup a system which retains copies of sent emails on the network and not on individual workstations (which is what happens currently). When you say courier-imap client, do you mean you're using maildrop to deliver the message to the user's maildir or that there is an end-user courier-imap client? I am only familiar with the maildrop piece of courier. I've looked at some of the solutions (bcc and send to a psuedo account for each user, bcc to the user and filter the incoming mail on this) but it seems like a very roundabout way of doing things. I've read up on Postfix, and there is support for custom filters, so: 1. what does it take to write one? 2. how does one copy email from one folder to another in maildirs? Is it possible? This is a classic case of over engineering. You do not want to bcc back to the user, or filter the mta, just move the outgoing messages to the sent folder. You might need bcc for the purposes of journaling all email, if you have any legal requirement (sox, hippa, etc.) that require it. But, that it another ball of wax entirely. This idea I have should filter the outgoing mail and copy the messages to the sent folder as well as retaining its place in the queue. If the end-user's client is using imap and configured properly, it should do this for you. Thurderbird, the full version of Outlook (and probably Express), and many other clients support this natively - you just have to make sure the client is configured to do that. Typically, in the configuration of the client, there is something that says something like save a copy of sent messages to folder of choice. I don't know what client you're using. I use Pine/Alpine, Thunderbird, and Outlook (when I have no other choice). If the end-user's client is using pop, then you have a problem that may require a custom solution like you speak of above. Any ideas? Maybe a link to some good info? I would like to know how to do this myself so I can do more in the future so info and pointers would be great (if you have a script you'd like to share then please show me how it works :) ). Cheers My mail system is running postfix (mta) w/ dovecot (for imap or pop access from the clients), maildrop (for delivering to a maildir), and amavis-new (for spam filtering and virus scanning w/ clamav). My mail clients are configured for imap, and they save copies of sent mail to the sent folder as expected. While I am using dovecot, and not courier, for my imap server - I cannot imagine that any other imap server would handle things any differently ... it's core functionality that ever imap server should have imho. -George Me too. It may be possible to save a copy in evolution, but I haven't found it in all clients. Plus my system needs to be suitable for a webmail system, and yes some pop clients. You sound like you know maildrop very well, I was considering using it as a part of the solution. If I wrote a milter script for postfix, is it possible to pass the message to maildrop so that it can take care of the formalities such as filenames and formats and tell it to put it in a sent folder? Something like a shell or perl script that uses this line to run maildrop: maildrop -d $user Maildir/.Sent Obviously the message itself will be piped, and the $user will be obtained by copying the from field in the message. Would something like this work? I've been searching on google but haven't found a clear answer, they only mention using maildrop filters and commands there- not actual usage of the maildrop cli. Cheers If you wrote a filter for postfix, which I have no idea how to do, the maildrop command you sight looks good. A friend of mine is using round cube for web mail (I don't have webmail setup on my server), and it will also save a copy to the sent folder. Most of the web clients should provide this functionality. The pop clients are the ones that are going to be an issue. I'm not sure what Google is using for gmail. But, when I send a message using their smtp service, a copy goes into my account. So, what you're looking to do is obviously possible, but I do not have an experience with it as I have not had need for a solution yet. I would certainly be interested in what you come up with though. Another possible option is to configure the clients to always bcc the sender, and then write a maildrop rule. Something
Re: Postfix, maildir's, and writing filters
Hi, 2. how does one copy email from one folder to another in maildirs? Is it possible? This is as simple as copying the file, that's the great beauty of maildir. Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix, maildir's, and writing filters
On Mon, 2008-09-22 at 15:47 +0700, Olivier Nicole wrote: Hi, 2. how does one copy email from one folder to another in maildirs? Is it possible? This is as simple as copying the file, that's the great beauty of maildir. That is just one aspect of this task I have, but if I have postfix configured to use maildir inboxes does this mean the queue is maildir? Is a simple copy possible for this case? I've only just considered this possibility- thanks for the quick reply... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix, maildir's, and writing filters
On Monday 22 September 2008 10:29:36 Da Rock wrote: Howdy. This may seem simple, but I'm completely green on this: I have a postfix server with a courier-imap client frontend using maildir's. I'm using imap for an internal mta, but I need to setup a system which retains copies of sent emails on the network and not on individual workstations (which is what happens currently). Just so I'm clear, postfix will deliver all mail? If so: always_bcc (default: empty) Optional address that receives a blind carbon copy of each message that is received by the Postfix mail system. Note: if mail to the BCC address bounces it will be returned to the sender. Note: automatic BCC recipients are produced only for new mail. To avoid mailer loops, automatic BCC recipients are not generated for mail that Postfix forwards internally, nor for mail that Postfix generates itself. recipient_bcc_maps (default: empty) Optional BCC (blind carbon-copy) address lookup tables, indexed by recipient address. The BCC address (multiple results are not supported) is added when mail enters from outside of Postfix. I am not sure, whether forwards internally means mail between two users of the same postfix installation. It applies also to recipient_bcc_maps. If postfix won't do this, there's probably a good reason for it, so then I'd think twice if I really wanted this feature. -- Mel Problem with today's modular software: they start with the modules and never get to the software part. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix, maildir's, and writing filters
On Mon, 2008-09-22 at 19:18 +0200, Mel wrote: On Monday 22 September 2008 10:29:36 Da Rock wrote: Howdy. This may seem simple, but I'm completely green on this: I have a postfix server with a courier-imap client frontend using maildir's. I'm using imap for an internal mta, but I need to setup a system which retains copies of sent emails on the network and not on individual workstations (which is what happens currently). Just so I'm clear, postfix will deliver all mail? If so: always_bcc (default: empty) Optional address that receives a blind carbon copy of each message that is received by the Postfix mail system. Note: if mail to the BCC address bounces it will be returned to the sender. Note: automatic BCC recipients are produced only for new mail. To avoid mailer loops, automatic BCC recipients are not generated for mail that Postfix forwards internally, nor for mail that Postfix generates itself. recipient_bcc_maps (default: empty) Optional BCC (blind carbon-copy) address lookup tables, indexed by recipient address. The BCC address (multiple results are not supported) is added when mail enters from outside of Postfix. I am not sure, whether forwards internally means mail between two users of the same postfix installation. It applies also to recipient_bcc_maps. If postfix won't do this, there's probably a good reason for it, so then I'd think twice if I really wanted this feature. I've read about all that but its not what I'm looking for, thanks anyway. I just want to (possibly) send to a filter mail that comes into the queue, check to see if it has been generated by a local domain, and put a copy of the message in the sender's sent folder in the maildir. If there is a better way then I'm open to suggestion, but everything I've read so far (such as the bcc settings) appears to be a bandaid or workaround rather than attacking the solution head on. Its appears simpler to me to avoid using the mailer and filtering per recipient by simply copying using and external filter on postfix. I'm obviously not the only one who would like a feature like this for maildir setups on postfix based on how many times that suggested workaround appears on the google searches. Once I have worked out a proper solution I'll post it and I can almost guarantee the popularity of it :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix, maildir's, and writing filters
Da Rock wrote: Howdy. This may seem simple, but I'm completely green on this: I have a postfix server with a courier-imap client frontend using maildir's. I'm using imap for an internal mta, but I need to setup a system which retains copies of sent emails on the network and not on individual workstations (which is what happens currently). When you say courier-imap client, do you mean you're using maildrop to deliver the message to the user's maildir or that there is an end-user courier-imap client? I am only familiar with the maildrop piece of courier. I've looked at some of the solutions (bcc and send to a psuedo account for each user, bcc to the user and filter the incoming mail on this) but it seems like a very roundabout way of doing things. I've read up on Postfix, and there is support for custom filters, so: 1. what does it take to write one? 2. how does one copy email from one folder to another in maildirs? Is it possible? This is a classic case of over engineering. You do not want to bcc back to the user, or filter the mta, just move the outgoing messages to the sent folder. You might need bcc for the purposes of journaling all email, if you have any legal requirement (sox, hippa, etc.) that require it. But, that it another ball of wax entirely. This idea I have should filter the outgoing mail and copy the messages to the sent folder as well as retaining its place in the queue. If the end-user's client is using imap and configured properly, it should do this for you. Thurderbird, the full version of Outlook (and probably Express), and many other clients support this natively - you just have to make sure the client is configured to do that. Typically, in the configuration of the client, there is something that says something like save a copy of sent messages to folder of choice. I don't know what client you're using. I use Pine/Alpine, Thunderbird, and Outlook (when I have no other choice). If the end-user's client is using pop, then you have a problem that may require a custom solution like you speak of above. Any ideas? Maybe a link to some good info? I would like to know how to do this myself so I can do more in the future so info and pointers would be great (if you have a script you'd like to share then please show me how it works :) ). Cheers My mail system is running postfix (mta) w/ dovecot (for imap or pop access from the clients), maildrop (for delivering to a maildir), and amavis-new (for spam filtering and virus scanning w/ clamav). My mail clients are configured for imap, and they save copies of sent mail to the sent folder as expected. While I am using dovecot, and not courier, for my imap server - I cannot imagine that any other imap server would handle things any differently ... it's core functionality that ever imap server should have imho. -George ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix, maildir's, and writing filters
On Mon, 2008-09-22 at 20:53 -0400, George Fazio wrote: Da Rock wrote: Howdy. This may seem simple, but I'm completely green on this: I have a postfix server with a courier-imap client frontend using maildir's. I'm using imap for an internal mta, but I need to setup a system which retains copies of sent emails on the network and not on individual workstations (which is what happens currently). When you say courier-imap client, do you mean you're using maildrop to deliver the message to the user's maildir or that there is an end-user courier-imap client? I am only familiar with the maildrop piece of courier. I've looked at some of the solutions (bcc and send to a psuedo account for each user, bcc to the user and filter the incoming mail on this) but it seems like a very roundabout way of doing things. I've read up on Postfix, and there is support for custom filters, so: 1. what does it take to write one? 2. how does one copy email from one folder to another in maildirs? Is it possible? This is a classic case of over engineering. You do not want to bcc back to the user, or filter the mta, just move the outgoing messages to the sent folder. You might need bcc for the purposes of journaling all email, if you have any legal requirement (sox, hippa, etc.) that require it. But, that it another ball of wax entirely. This idea I have should filter the outgoing mail and copy the messages to the sent folder as well as retaining its place in the queue. If the end-user's client is using imap and configured properly, it should do this for you. Thurderbird, the full version of Outlook (and probably Express), and many other clients support this natively - you just have to make sure the client is configured to do that. Typically, in the configuration of the client, there is something that says something like save a copy of sent messages to folder of choice. I don't know what client you're using. I use Pine/Alpine, Thunderbird, and Outlook (when I have no other choice). If the end-user's client is using pop, then you have a problem that may require a custom solution like you speak of above. Any ideas? Maybe a link to some good info? I would like to know how to do this myself so I can do more in the future so info and pointers would be great (if you have a script you'd like to share then please show me how it works :) ). Cheers My mail system is running postfix (mta) w/ dovecot (for imap or pop access from the clients), maildrop (for delivering to a maildir), and amavis-new (for spam filtering and virus scanning w/ clamav). My mail clients are configured for imap, and they save copies of sent mail to the sent folder as expected. While I am using dovecot, and not courier, for my imap server - I cannot imagine that any other imap server would handle things any differently ... it's core functionality that ever imap server should have imho. -George Me too. It may be possible to save a copy in evolution, but I haven't found it in all clients. Plus my system needs to be suitable for a webmail system, and yes some pop clients. You sound like you know maildrop very well, I was considering using it as a part of the solution. If I wrote a milter script for postfix, is it possible to pass the message to maildrop so that it can take care of the formalities such as filenames and formats and tell it to put it in a sent folder? Something like a shell or perl script that uses this line to run maildrop: maildrop -d $user Maildir/.Sent Obviously the message itself will be piped, and the $user will be obtained by copying the from field in the message. Would something like this work? I've been searching on google but haven't found a clear answer, they only mention using maildrop filters and commands there- not actual usage of the maildrop cli. Cheers ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
why are you not using your ISP to relay emails, using its mail gateway (which should have a static IP address)? ... I do not like the fact that a number of governments (including most european ones) now have the right to access all emails that pass through an ISP's server. They do not have the right to access private server systems unless they have a warrant. This *is* a valid concern, but it's not clear to me how it applies to messages that are being sent to public mailing lists where they will be as available to Big Brother as to anyone else. How about configuring your MTA to send anything going to a public list via your ISP, and send directly only messages that aren't going to be posted for the world to see? Another emerging issue is cable operators refusing to allow fixed IP address so they can receive revenue from reporting on user usage data. I seriously doubt that as a motivation. If anything, static IP assignments would make it *easier* to track per-customer usage. A more likely reason is that most residential users, even on cable or DSL, do not keep their router (or system, if they have only one and therefore don't use a router) on-line anywhere near 24-7. The ISP can serve several customers per IP address by using DHCP (so that customers occupy IP addresses only when on-line). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Mon, 8 Sep 2008 02:47:47 -0700, David Southwell [EMAIL PROTECTED] wrote: Hi Could anyone tell me what entry I should make in postfix configuration files to bounce mails directed to [EMAIL PROTECTED] that emanate from a source outside my local network. Sorry to ask the question here but postfix users mailing list is currently rejecting mails from servers on a dynamic ip address - so I cannot get through to ask a question there. I don't think that restriction is going to be lifted any time soon. So why are you not using your ISP to relay emails, using its mail gateway (which should have a static IP address)? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Monday 08 September 2008 03:57:11 you wrote: On Mon, 8 Sep 2008 02:47:47 -0700, David Southwell [EMAIL PROTECTED] wrote: Hi Could anyone tell me what entry I should make in postfix configuration files to bounce mails directed to [EMAIL PROTECTED] that emanate from a source outside my local network. Sorry to ask the question here but postfix users mailing list is currently rejecting mails from servers on a dynamic ip address - so I cannot get through to ask a question there. I don't think that restriction is going to be lifted any time soon. So why are you not using your ISP to relay emails, using its mail gateway (which should have a static IP address)? I think the restriction is OTT especially in the light of civil liberties issues. I do not like the fact that a number of governments (including most european ones) now have the right to access all emails that pass through an ISP's server. They do not have the right to access private server systems unless they have a warrant. BIG BROTHER is watching far too much. Frankly I am surprised that organisations such as Postfix are not aware of the issue and realise the civil liberties implicati Another emerging issue is cable operators refusing to allow fixed IP address so they can receive revenue from reporting on user usage data. Additionally low volume users, unless they pay a high premium and subscribe to a business service cannot acquire fixed IPs. IN some areas that are primarily residential they will not even allow fixed IPs at any price. This movement to commercialise the internet and limit access in this way is deplorable when there are alternative methods of dealing with legitimate problems. David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Monday 08 September 2008 03:38:05 Sahil Tandon wrote: David Southwell [EMAIL PROTECTED] wrote: Could anyone tell me what entry I should make in postfix configuration files to bounce mails directed to [EMAIL PROTECTED] that emanate from a source outside my local network. After permitting your networks in the smtpd_recipient_restrictions, use check_recipient_access to REJECT any messages with an RCPT TO [EMAIL PROTECTED] http://www.postfix.org/postconf.5.html#check_recipient_access http://www.postfix.org/access.5.html Thanks very much.. I seem to be struggling getting with the postfix command structure. If you have the time would you be kind enough to give me specific examples of the actual entries to be made in the appropriate files. In case it is relevant my server has a number of virtual domains but the problem I am getting is on the primary address for the mail server. Assume the email address in question is [EMAIL PROTECTED] which appears to be subjected to problems and I want to permit only addresses on the local network to send emails to that address. Thanks in advance No problem if you are too busy David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Monday 08 September 2008 04:10:11 Sahil Tandon wrote: David Southwell [EMAIL PROTECTED] wrote: Sorry to ask the question here but postfix users mailing list is currently rejecting mails from servers on a dynamic ip address - so I cannot get through to ask a question there. Incidentally, your IP is also listed on several RBLs. You are right - that is why I am asking this question to help me fix the problem. Someone hacked our network. I have fixed most stuff but need to fix this issue to close the final door. !!! Someone got a trojan onto my wifes windows 32 bit system which has access to my picture library (I am a photographer). It has taken me three days to fix the problem there and then I found they had used that route to get onto the freebsd server. I have blocked that access now but there are some things to fix on the mail suystem and this is one of them. I think I have closed most loopholes now. If you could help me with this one it would be appreciated. Thanks for your help David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
I do not like the fact that a number of governments (including most european ones) now have the right to access all emails that pass through an ISP's only if you use big operators. BIG BROTHER is watching far too much. Frankly I am surprised that we have democracy. in democracy majority decides for everybody. majority wanted it for they own good. minority has to shut up or go away. Another emerging issue is cable operators refusing to allow fixed IP address so they can receive revenue from reporting on user usage data. could you please tell more about the sentence above. maybe it's my bad english but i don't understand. why constantly changing user IP could help reporting user data and getting revenue? This movement to commercialise the internet and limit access in this way is deplorable when there are alternative methods of dealing with legitimate even now we are more restricted than people in China, where they have chinese internet with very very limited access to outside, but withing chinese internet there are very little limits. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Monday 08 September 2008 04:19:11 Wojciech Puchar wrote: I do not like the fact that a number of governments (including most european ones) now have the right to access all emails that pass through an ISP's only if you use big operators. All UK operators are big operators and covered by this -- if you provide internet access you jhave to give government access!! BIG BROTHER is watching far too much. Frankly I am surprised that we have democracy. in democracy majority decides for everybody. majority wanted it for they own good. minority has to shut up or go away. A democracy that does not respect minority rights including civil liberties is not a democracy but an authoritarian state. Another emerging issue is cable operators refusing to allow fixed IP address so they can receive revenue from reporting on user usage data. could you please tell more about the sentence above. maybe it's my bad english but i don't understand. why constantly changing user IP could help reporting user data and getting revenue? They keep track of who is connected by using hardware info and by use of login security. This movement to commercialise the internet and limit access in this way is deplorable when there are alternative methods of dealing with legitimate even now we are more restricted than people in China, where they have chinese internet with very very limited access to outside, but withing chinese internet there are very little limits. Whether anyone else is more or less affected is irrelevant. I would not want to sanction state executions in my own country because state executions are permitted in either USA or China or Iran or Iraq!! Neither would I want to approve breaches of civil liberties because there are breaches in Chine. David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Mon, 8 Sep 2008 04:33:14 -0700, David Southwell [EMAIL PROTECTED] wrote: On Monday 08 September 2008 03:57:11 you wrote: On Mon, 8 Sep 2008 02:47:47 -0700, David Southwell [EMAIL PROTECTED] wrote: Could anyone tell me what entry I should make in postfix configuration files to bounce mails directed to [EMAIL PROTECTED] that emanate from a source outside my local network. Sorry to ask the question here but postfix users mailing list is currently rejecting mails from servers on a dynamic ip address - so I cannot get through to ask a question there. I don't think that restriction is going to be lifted any time soon. So why are you not using your ISP to relay emails, using its mail gateway (which should have a static IP address)? I think the restriction is OTT especially in the light of civil liberties issues. I do not like the fact that a number of governments (including most european ones) now have the right to access all emails that pass through an ISP's server. They do not have the right to access private server systems unless they have a warrant. 'Civil liberties' are only meaningful in the context of a specific 'civilization'. Welcome to the civilization that allows spammers to use dynamic IP addresses to disrupt, annoy, cause harm, commit commercial and all other sorts of fraud. It is not a perfect civilization, but it's the one we have, and trying to hide our heads in the sand about the *real* problem these restrictions are trying to solve isn't going to make things much better any time soon now. One may easily argue that the 'civil laws' that forbid stealing from other people are 'limiting the freedom we have to use the potentially boundless resources available all over the place'. I don't think anyone would consider the argument in favor of stealing as very sound. The same can be said of the IP address space. One can argue for days, for weeks, or even _years_, that requiring a static IP address to be able to post to a 'common resource' --like the mailing list-- is a limit to the freedom of everyone. I'm not very convinced this limit is as bad as you are trying to describe, though. In particular, I am not really convinced the 'freedom' of everyone to post from non-static IP addresses is worth the immediate problems this would cause by massively increasing the problems we have with spam mail even today. Giorgos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Monday 08 September 2008 04:47:49 Giorgos Keramidas wrote: On Mon, 8 Sep 2008 04:33:14 -0700, David Southwell [EMAIL PROTECTED] wrote: On Monday 08 September 2008 03:57:11 you wrote: On Mon, 8 Sep 2008 02:47:47 -0700, David Southwell [EMAIL PROTECTED] wrote: Could anyone tell me what entry I should make in postfix configuration files to bounce mails directed to [EMAIL PROTECTED] that emanate from a source outside my local network. Sorry to ask the question here but postfix users mailing list is currently rejecting mails from servers on a dynamic ip address - so I cannot get through to ask a question there. I don't think that restriction is going to be lifted any time soon. So why are you not using your ISP to relay emails, using its mail gateway (which should have a static IP address)? I think the restriction is OTT especially in the light of civil liberties issues. I do not like the fact that a number of governments (including most european ones) now have the right to access all emails that pass through an ISP's server. They do not have the right to access private server systems unless they have a warrant. 'civil liberties' are only meaningful in the context of a specific 'civilization'. Welcome to the civilization that allows spammers to use dynamic IP addresses to disrupt, annoy, cause harm, commit commercial and all other sorts of fraud. One may easily argue that the 'civil laws' that forbid stealing from other people are 'limiting the freedom we have to use the potentially boundless resources available all over the place'. I don't think anyone would consider the argument in favor of stealing as very sound. The same can be said of the IP address space. One can argue for days, nay for _weeks_ or even years, that requiring a static IP address to be able to post to a 'common resource' --like the mailing list-- is a limit to the freedom of everyone. I'm not very convinced this limit is as bad as you are trying to describe, though. Giorgos In yesterday's world anyone could send a physical letter to any address anywhere in the world. I get spam letters through the letter box it is up to me to chuck them in the bin. Why should the internet be different especially when the restrictions on fixed IPs are brought about soleley for commercial interests. If the same protocol was applied to physical mail then we would not have been allowed to send letters unless we had a big building to send it from and all letters would have had to have had a big building sending address. No banning on the grounds of address type is discriminations. Yes bad because there has been specific abuse and ban until the abuse is cleaned up.. but do not ban on type of address!! It would be like saying only the rich could send letters!! David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Monday 08 September 2008 05:09:03 Giorgos Keramidas wrote: On Mon, 8 Sep 2008 05:21:03 -0700, David Southwell [EMAIL PROTECTED] wrote: If the same protocol was applied to physical mail then we would not have been allowed to send letters unless we had a big building to send it from and all letters would have had to have had a big building sending address. We have a big building; it's called Post Office. Or do you think that someone determined enough cannot monitor where you are sending physical letters? I agree and they do BUT they need a warrant to do so!! That is the safeguard. With the internet no warrant is needed. There is no protection for civil liberties as applies with pohysical mail. David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
David Southwell: In yesterday's world anyone could send a physical letter to any address anywhere in the world. I get spam letters through the letter box it is up to me to chuck them in the bin. Why should the internet be different especially when the restrictions on fixed IPs are brought about soleley for commercial interests. Because of sheer volume... in yesterday's world one was not able to send thousands of letters in a few seconds for free...or by using services one has not paid for... -- Zbigniew Szalbot www.LCWords.com smime.p7s Description: S/MIME Cryptographic Signature
Re: Postfix issue
On Mon, 8 Sep 2008 05:21:03 -0700, David Southwell [EMAIL PROTECTED] wrote: If the same protocol was applied to physical mail then we would not have been allowed to send letters unless we had a big building to send it from and all letters would have had to have had a big building sending address. We have a big building; it's called Post Office. Or do you think that someone determined enough cannot monitor where you are sending physical letters? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
David Southwell [EMAIL PROTECTED] wrote: Sorry to ask the question here but postfix users mailing list is currently rejecting mails from servers on a dynamic ip address - so I cannot get through to ask a question there. Incidentally, your IP is also listed on several RBLs. -- Sahil Tandon [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Monday 08 September 2008 05:03:30 Zbigniew Szalbot wrote: David Southwell: In yesterday's world anyone could send a physical letter to any address anywhere in the world. I get spam letters through the letter box it is up to me to chuck them in the bin. Why should the internet be different especially when the restrictions on fixed IPs are brought about soleley for commercial interests. Because of sheer volume... in yesterday's world one was not able to send thousands of letters in a few seconds for free...or by using services one has not paid for... In the past world one paid to send and received for free. That was the deal. In the past people abused the mail system by using forged stamps or freepost labels. There is no difference. I pay for my connection to receive.. and pay for my connection to send. Some people just want to not paly their part in absorbing the risks that go with participation. It is up to us to defend our systems. To classify a whole load of users, the majority of whom are genuine, as invalid users is degrading and discriminatory. My point of viwew -- you are entitled to yours but IMHO not to enforce it!! David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
David Southwell [EMAIL PROTECTED] wrote: Could anyone tell me what entry I should make in postfix configuration files to bounce mails directed to [EMAIL PROTECTED] that emanate from a source outside my local network. After permitting your networks in the smtpd_recipient_restrictions, use check_recipient_access to REJECT any messages with an RCPT TO [EMAIL PROTECTED] http://www.postfix.org/postconf.5.html#check_recipient_access http://www.postfix.org/access.5.html -- Sahil Tandon [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Mon, 8 Sep 2008 05:35:14 -0700 David Southwell [EMAIL PROTECTED] wrote: I agree and they do BUT they need a warrant to do so!! That is the safeguard. With the internet no warrant is needed. There is no protection for civil liberties as applies with pohysical mail. First of all, this is not a civil liberties issue. Are you so naive that you honestly believe that by using a dynamic IP rather than securing a static one or using your hosts mail service that you have made the interception and viewing of your mail by someone other than its intended recipient impossible? Furthermore, what are you transmitting that makes you so paranoid? Why not just use some form of encryption if you are so paranoid? Your claim of civil liberties is bogus. Consider the rights of other users, in this case the Postfix mailing list, that does not want to be inundated with SPAM and accordingly blocks mail from sites that fail authentication tests. In your case, reverse DNS. -- Gerard [EMAIL PROTECTED] She won' go Warp 7, Cap'n! The batteries are dead! signature.asc Description: PGP signature
Re: Postfix issue
David Southwell wrote: I pay for my connection to receive.. and pay for my connection to send. Some people just want to not paly their part in absorbing the risks that go with participation. It is up to us to defend our systems. Your server, your rules. You can whitelist or blacklist anyone you choose. The downside is that so can everybody else; your lack of non-generic rDNS means that mail to my server (alcatraz.sequestered.net) will bounce if not smarthosted through somewhere that has a static IP and properly configured DNS. This was deemed an acceptable threshold on my box when I was selecting anti-spam mechanisms. If you're that concerned about privacy, use GPG/PGP and request a key exchange. What's more is that I've applied that same metric at several employers, ranging from mid-sized businesses to universities. My previous (and current!) employers were familiar with all sides of the argument and ultimately decided to reject mail from dynamic address pools to combat spam. Complaining about it doesn't do much good, since (as previously stated) their server, their rules. To classify a whole load of users, the majority of whom are genuine, as invalid users is degrading and discriminatory. The majority of users smarthost their mail. If you want to retain control, drop the $15 a month on a VPS somewhere with a static IP, configure DNS correctly, and be your own smarthost; I did this for a while before I upgraded to a static IP at home. My point of viwew -- you are entitled to yours but IMHO not to enforce it!! Ah, but on my server I can enforce whatever makes the most sense for my userbase; my responsibility is to them, not to you. -- Jay Chandler / KB1JWQ Living Legend / Systems Exorcist Today's Excuse: multicasts on broken packets ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix pop-before-smtp
On Mon, 25 Aug 2008 19:38:04 +0200 Marcel Grandemange [EMAIL PROTECTED] wrote: I don't know if anyone will be able to assist me with this one, but two days ago I decided to redo our mail server. All went well except for one components.. Pop-before-smtp, it seems no matter what I did it would simply cause postfix hassles. Now I know pop-before-smtp is confed correctly as old working config was used... I also know that it DOES create the pop-before-smtp.db file on start if I delete it manually as test. I can also check if there are any ip's in db by doing pop-before-smtp -list. (IT OBVIOUSLY RETURNED NOTHIN) However postfix keeps throwing errors to the following.. Aug 25 15:31:21 thavinci postfix/smtpd[77983]: fatal: open database /usr/local/etc/postfix/pop-before-smtp.db: Invalid argument Aug 25 11:14:49 thavinci postfix/smtpd[88389]: fatal: open database /usr/local/etc/postfix/pop-before-smtp.db: Inappropriate file type or format Aug 25 12:17:11 thavinci postfix/smtpd[40445]: fatal: open database /usr/local/etc/postfix/pop-before-smtp.db: Bad file descriptor And that is the correct location and postfix was compile directly from ports with option BDB which I understand is required to read this file. Ive been trying for a day straight trying to resolve this and had to continue without this feature for now to allow mail to run.. At this stage I would worship the ground of anyone that could help me solve this!!! You would probably be better off asking your question on the Postfix forum. The mailing list is available here: http://www.postfix.org/lists.html You could also start here and search for an answer: http://www.postfix.org/start.html This link might also help you: http://popbsmtp.sourceforge.net/ If you do post on the Postfix forum, be sure to include the output of: 'postconf -n' along with the relevant portions of your log file. By the way, pop-before-smtp is rather deprecated. Why not use SASL/TLS instead? It is much more secure and is readily becoming a requirement with many ISPs. -- Gerard [EMAIL PROTECTED] Fantasies are free. NO!! NO!! It's the thought police signature.asc Description: PGP signature
Re: Postfix logging some OTP related permission denied messages
आशीष शुक्ल Ashish Shukla wrote: Hi, I'm running 7.0-RELEASE-p2 (amd64). I'm running Postfix 2.5.1_2,1 mail server instead of the default Sendmail which ships with base distribution. My mail server is working fine with no issues except that I noticed that some messages in /var/log/messages: 88 Jun 29 03:12:45 chateau postfix/smtpd[1159]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied Jun 29 03:18:22 chateau postfix/smtpd[1535]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied Jun 29 03:23:55 chateau postfix/smtpd[1873]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied Jun 29 04:18:25 chateau postfix/smtpd[78118]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied Jun 29 16:07:11 chateau postfix/smtpd[1712]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied Jun 29 16:07:17 chateau postfix/smtpd[1712]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied Jun 29 16:13:30 chateau postfix/smtpd[2125]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied 88 I've not done anything explicitly to turn on support for One-time passwords in my system. Any ideas, reasons behind these messages ? TIA Greetings: I've seen some suggestions which involve making changes for allowing the access to the files, but my thoughts are if you are not making use of this feature this would be tantamount to a small form of security violation. The shortcut is probably just to give the group 'mail' rw permissions to opiekeys and don't overly muck with a config that works correctly. If when you installed Postfix it installed cyrus-sasl as a dependency you might try going into /usr/ports/security/cyrus-sasl2 and doing make config and clearing the checkbox option near the bottom OTP Enable OTP auth, then make deinstall, and make reinstall. However, my Postfix is only an extremely basic install and I've never seen these messages. A snippet from my Postfix main.cf: # sasl config broken_sasl_auth_clients = yes smtpd_sasl_local_domain = smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_passwd smtp_sasl_security_options = #smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks #smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks and wrt to sasl in /etc/rc.conf I have: saslauthd_enable=YES saslauthd_flags=-a sasldb I've also noticed the following in my /etc/group file, but I believe it has no bearing on this problem. mail:*:6:postfix Since I didn't build Cyrus-SASL without OTP I suspect it is turned on or somehow being activated in your Postfix config. The docs also say there is supposed to be an SASL config file somewhere in /usr/local/lib/sasl2, but I've never seen one. -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix logging some OTP related permission denied messages
,--- Michael Powell writes: | आशीष शुक्ल Ashish Shukla wrote: || Hi, || || I'm running 7.0-RELEASE-p2 (amd64). I'm running Postfix 2.5.1_2,1 mail || server instead of the default Sendmail which ships with base distribution. || || My mail server is working fine with no issues except that I noticed that || some messages in /var/log/messages: || | 88 || Jun 29 03:12:45 chateau postfix/smtpd[1159]: OTP unavailable because can't || read/write key database /etc/opiekeys: Permission denied Jun 29 03:18:22 || chateau postfix/smtpd[1535]: OTP unavailable because can't read/write key || database /etc/opiekeys: Permission denied Jun 29 03:23:55 chateau || postfix/smtpd[1873]: OTP unavailable because can't read/write key database || /etc/opiekeys: Permission denied Jun 29 04:18:25 chateau || postfix/smtpd[78118]: OTP unavailable because can't read/write key || database /etc/opiekeys: Permission denied Jun 29 16:07:11 chateau || postfix/smtpd[1712]: OTP unavailable because can't read/write key database || /etc/opiekeys: Permission denied Jun 29 16:07:17 chateau || postfix/smtpd[1712]: OTP unavailable because can't read/write key database || /etc/opiekeys: Permission denied Jun 29 16:13:30 chateau || postfix/smtpd[2125]: OTP unavailable because can't read/write key database || /etc/opiekeys: Permission denied 88 || || I've not done anything explicitly to turn on support for One-time || passwords in my system. || || Any ideas, reasons behind these messages ? || || TIA | Greetings: | I've seen some suggestions which involve making changes for allowing the | access to the files, but my thoughts are if you are not making use of this | feature this would be tantamount to a small form of security violation. | The shortcut is probably just to give the group 'mail' rw permissions to | opiekeys and don't overly muck with a config that works correctly. | If when you installed Postfix it installed cyrus-sasl as a dependency you | might try going into /usr/ports/security/cyrus-sasl2 and doing make config | and clearing the checkbox option near the bottom OTP Enable OTP auth, | then make deinstall, and make reinstall. Reinstall cyrus-sasl2 without OTP support worked, and now no more OTP related messages. | -Mike Thanks :) -- ·-- ·- ·--- ·- ···- ·- ·--·-· --· -- ·- ·· ·-·· ·-·-·- -·-· --- -- pgpByMxNcNFFY.pgp Description: PGP signature
Re: Postfix port broken?
This is due to these lines in the Makefile (with line numbers): 187 .if defined(WITH_VDA) 188 IGNORE= Waiting for a new patch that's work with 2.5.1 189 PATCH_SITES+= http://vda.sourceforge.net/VDA/ 190 PATCHFILES+=postfix-2.4.5-vda-ng.patch.gz 191 PATCH_DIST_STRIP= -p1 192 .endif make config would enable you to turn off virtual delivery agent. I'm not a postfix expert, but I believe VDA is only needed if you run virtual domains. fred On Mar 2, 2008, at 2:57 AM, Ezat wrote: Hello all, Not sure if correct list for this. Trying to install postfix today and came across this issue. === postfix-2.5.1_1,1 Waiting for a new patch that's work with 2.5.1. *** Error code 1 Stop in /usr/ports/mail/postfix. Anyone have same issue? ezat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix port broken?
Thanks Fred others who have replied directly, The virtual domains are actually exactly what is required in this situation so I have fallen back to 2.4 port which will do for now. Ezat Fred Condo wrote: This is due to these lines in the Makefile (with line numbers): 187 .if defined(WITH_VDA) 188 IGNORE= Waiting for a new patch that's work with 2.5.1 189 PATCH_SITES+= [1]http://vda.sourceforge.net/VDA/ 190 PATCHFILES+=postfix-2.4.5-vda-ng.patch.gz 191 PATCH_DIST_STRIP= -p1 192 .endif make config would enable you to turn off virtual delivery agent. I'm not a postfix expert, but I believe VDA is only needed if you run virtual domains. fred On Mar 2, 2008, at 2:57 AM, Ezat wrote: Hello all, Not sure if correct list for this. Trying to install postfix today and came across this issue. === postfix-2.5.1_1,1 Waiting for a new patch that's work with 2.5.1. *** Error code 1 Stop in /usr/ports/mail/postfix. Anyone have same issue? ezat ___ [EMAIL PROTECTED] mailing list [3]http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [4][EMAIL PROTECTED] References 1. http://vda.sourceforge.net/VDA/ 2. mailto:freebsd-questions@freebsd.org 3. http://lists.freebsd.org/mailman/listinfo/freebsd-questions 4. mailto:[EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix quota per virtual domain
Hello, I am working on a Postfix email server for virtual domain. I was requested to implement quota per domain, not per user: the sum of mailboxes of all the users in the domain must not exceed the quota set for the domain. (All I could find was example where all users of the domain had a same quota amount, fixed for the domain, but each individual mailbox counts for its own quota.) Have you ever seen something like that? Best regards, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix with Cyrus SASL
Michal F. Hanula wrote: Your postfix is trying to use saslauthd, which usually listens on /var/run/saslauthd/mux. The right way to fix this depends on whether you want to use saslauthd and the place you store your e-mail user data. I want authentication against /etc/passwd (ultimately), not using sasldb2.db. There is no /var/run/saslauthd/mux, and saslauthd doesn't appear installed -- I'm getting the impression that selecting Cyrus-SASL in the make config dialog box for the Postfix port doesn't completely install cyrus-sasl components. I'm guessing the solution is to completely install the cyrus-sasl2 port to enable the use of saslauthd. Yes? Or am I way off? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix with Cyrus SASL
--On Thursday, January 10, 2008 13:44:23 -0600 Shawn Barnhart
[EMAIL PROTECTED] wrote:
Michal F. Hanula wrote:
Your postfix is trying to use saslauthd, which usually listens on
/var/run/saslauthd/mux. The right way to fix this depends on whether
you want to use saslauthd and the place you store your e-mail user data.
I want authentication against /etc/passwd (ultimately), not using sasldb2.db.
There is no /var/run/saslauthd/mux, and saslauthd doesn't appear installed --
I'm getting the impression that selecting Cyrus-SASL in the make config
dialog box for the Postfix port doesn't completely install cyrus-sasl
components.
It should, because it calls this:
.if defined(WITH_SASL2)
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
POSTFIX_CCARGS+=-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I${LOCALBASE}/include
-I${LOCALBASE}/include/sasl
POSTFIX_AUXLIBS+= -L${LOCALBASE}/lib -lsasl2 -lpam -lcrypt
.endif
I'm guessing the solution is to completely install the cyrus-sasl2 port to
enable the use of saslauthd. Yes? Or am I way off?
Yes, you need to install saslauthd, however, if you checked the OPTION when you
installed Postfix, it's most likely already installed. You *also* need to
enable saslauthd in /etc/rc.conf:
[EMAIL PROTECTED] /usr/ports/mail/postfix]# grep sasl /etc/rc.conf
saslauthd_enable=YES
saslauthd_flags= -a pam -n 2
(This uses /etc/passwd through pam, btw.)
Look at /usr/local/etc/rc.d/saslauthd.sh for the options and flags available or
read man (8) saslauthd.
--
Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix with Cyrus SASL
Paul Schmehl wrote:
It should, because it calls this:
.if defined(WITH_SASL2)
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
POSTFIX_CCARGS+=-DUSE_SASL_AUTH -DUSE_CYRUS_SASL
-I${LOCALBASE}/include -I${LOCALBASE}/include/sasl
POSTFIX_AUXLIBS+= -L${LOCALBASE}/lib -lsasl2 -lpam -lcrypt
.endif
Yes, you need to install saslauthd, however, if you checked the OPTION
when you installed Postfix, it's most likely already installed. You
*also* need to enable saslauthd in /etc/rc.conf:
[EMAIL PROTECTED] /usr/ports/mail/postfix]# grep sasl /etc/rc.conf
saslauthd_enable=YES
saslauthd_flags= -a pam -n 2
(This uses /etc/passwd through pam, btw.)
Look at /usr/local/etc/rc.d/saslauthd.sh for the options and flags
available or read man (8) saslauthd.
Either I'm totally fubar, or the ports snapshot I have is braindead as I
did select the SASL option when I built postfix and I have sasl libs in
/usr/local/lib and /usr/local/lib/sasl2 but none of the other sasl
components are installed. No saslauthd in /usr/local/etc/rc.d, no
manpage, just libraries mentioned above, and my postfix smtpd does
appear to have a sasl library run-time dependency per ldd.
Is the better fix to manually re-install the same Cyrus sasl port or
deinstall both it and postfix and rebuild postfix with the sasl option
and hope I get a complete build?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix with Cyrus SASL
On Thu, 10 Jan 2008 15:46:33 -0600
Shawn Barnhart [EMAIL PROTECTED] wrote:
Paul Schmehl wrote:
It should, because it calls this:
.if defined(WITH_SASL2)
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
POSTFIX_CCARGS+=-DUSE_SASL_AUTH -DUSE_CYRUS_SASL
-I${LOCALBASE}/include -I${LOCALBASE}/include/sasl
POSTFIX_AUXLIBS+= -L${LOCALBASE}/lib -lsasl2 -lpam -lcrypt
.endif
Yes, you need to install saslauthd, however, if you checked the
OPTION when you installed Postfix, it's most likely already
installed. You *also* need to enable saslauthd in /etc/rc.conf:
[EMAIL PROTECTED] /usr/ports/mail/postfix]# grep sasl /etc/rc.conf
saslauthd_enable=YES
saslauthd_flags= -a pam -n 2
(This uses /etc/passwd through pam, btw.)
Look at /usr/local/etc/rc.d/saslauthd.sh for the options and flags
available or read man (8) saslauthd.
Either I'm totally fubar, or the ports snapshot I have is braindead
as I did select the SASL option when I built postfix and I have sasl
libs in /usr/local/lib and /usr/local/lib/sasl2 but none of the other
sasl components are installed. No saslauthd in /usr/local/etc/rc.d,
no manpage, just libraries mentioned above, and my postfix smtpd does
appear to have a sasl library run-time dependency per ldd.
Is the better fix to manually re-install the same Cyrus sasl port or
deinstall both it and postfix and rebuild postfix with the sasl
option and hope I get a complete build?
It has been awhile; however, if I remember correctly, the 'saslauthd'
daemon is not installed by Postfix. I think you are confusing this with
SASL in general. You might want to read the 'Complete Book of Postfix
for further information on getting SASL up and running. BTW, unless it
has changes, 'saslauthd' only handles plain text authentication.
--
Gerard
[EMAIL PROTECTED]
A chronic disposition to inquiry
deprives domestic felines of vital qualities.
signature.asc
Description: PGP signature
Re: Postfix with Cyrus SASL
--On Thursday, January 10, 2008 15:46:33 -0600 Shawn Barnhart
[EMAIL PROTECTED] wrote:
Paul Schmehl wrote:
It should, because it calls this:
.if defined(WITH_SASL2)
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
POSTFIX_CCARGS+=-DUSE_SASL_AUTH -DUSE_CYRUS_SASL
-I${LOCALBASE}/include -I${LOCALBASE}/include/sasl
POSTFIX_AUXLIBS+= -L${LOCALBASE}/lib -lsasl2 -lpam -lcrypt
.endif
Yes, you need to install saslauthd, however, if you checked the OPTION
when you installed Postfix, it's most likely already installed. You
*also* need to enable saslauthd in /etc/rc.conf:
[EMAIL PROTECTED] /usr/ports/mail/postfix]# grep sasl /etc/rc.conf
saslauthd_enable=YES
saslauthd_flags= -a pam -n 2
(This uses /etc/passwd through pam, btw.)
Look at /usr/local/etc/rc.d/saslauthd.sh for the options and flags
available or read man (8) saslauthd.
Either I'm totally fubar, or the ports snapshot I have is braindead as I did
select the SASL option when I built postfix and I have sasl libs in
/usr/local/lib and /usr/local/lib/sasl2 but none of the other sasl components
are installed. No saslauthd in /usr/local/etc/rc.d, no manpage, just
libraries mentioned above, and my postfix smtpd does appear to have a sasl
library run-time dependency per ldd.
Is the better fix to manually re-install the same Cyrus sasl port or
deinstall both it and postfix and rebuild postfix with the sasl option and
hope I get a complete build?
If Postfix is working as you expect (except for auth of course), I would just
force the reinstall of sasl (or deinstall and reinstall if that's your
preferred method.)
Saslauthd is installed in /usr/local/sbin/saslauthd, btw.
--
Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix with Cyrus SASL
--On Thursday, January 10, 2008 17:01:03 -0500 Gerard [EMAIL PROTECTED]
wrote:
On Thu, 10 Jan 2008 15:46:33 -0600
Shawn Barnhart [EMAIL PROTECTED] wrote:
Paul Schmehl wrote:
It should, because it calls this:
.if defined(WITH_SASL2)
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
POSTFIX_CCARGS+=-DUSE_SASL_AUTH -DUSE_CYRUS_SASL
-I${LOCALBASE}/include -I${LOCALBASE}/include/sasl
POSTFIX_AUXLIBS+= -L${LOCALBASE}/lib -lsasl2 -lpam -lcrypt
.endif
Yes, you need to install saslauthd, however, if you checked the
OPTION when you installed Postfix, it's most likely already
installed. You *also* need to enable saslauthd in /etc/rc.conf:
[EMAIL PROTECTED] /usr/ports/mail/postfix]# grep sasl /etc/rc.conf
saslauthd_enable=YES
saslauthd_flags= -a pam -n 2
(This uses /etc/passwd through pam, btw.)
Look at /usr/local/etc/rc.d/saslauthd.sh for the options and flags
available or read man (8) saslauthd.
Either I'm totally fubar, or the ports snapshot I have is braindead
as I did select the SASL option when I built postfix and I have sasl
libs in /usr/local/lib and /usr/local/lib/sasl2 but none of the other
sasl components are installed. No saslauthd in /usr/local/etc/rc.d,
no manpage, just libraries mentioned above, and my postfix smtpd does
appear to have a sasl library run-time dependency per ldd.
Is the better fix to manually re-install the same Cyrus sasl port or
deinstall both it and postfix and rebuild postfix with the sasl
option and hope I get a complete build?
It has been awhile; however, if I remember correctly, the 'saslauthd'
daemon is not installed by Postfix. I think you are confusing this with
SASL in general. You might want to read the 'Complete Book of Postfix
for further information on getting SASL up and running. BTW, unless it
has changes, 'saslauthd' only handles plain text authentication.
I think you're right. It's been a while for me as well, but looking at ports I
see that there's a totally separate cyrus-sasl2-saslauthd port, and it doesn't
appear to be a dependency for postfix.
I think saslauthd will handle kerberos as well as plaintext, but most people
use plaintext and then ssl-ize postfix to encrypt the session.
--
Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix with Cyrus SASL
Your postfix is trying to use saslauthd, which usually listens on /var/run/saslauthd/mux. The right way to fix this depends on whether you want to use saslauthd and the place you store your e-mail user data. mf -- Speak softly and carry a big lion pgpNdevFsSGQS.pgp Description: PGP signature
Re: (postfix) SPAM filter?
Eric Crist wrote: On Dec 17, 2007, at 2:36 AM, Jorn Argelo wrote: On Mon, 17 Dec 2007 00:20:50 +0530, Girish Venkatachalam [EMAIL PROTECTED] wrote: On 14:48:35 Dec 15, Jorn Argelo wrote: Greylisting only works so-so nowadays. There was a couple of months it was very effective, but that is long gone. Spammers aren't stupid, and they follow the development of anti-spam techniques as much as e-mail admins do. Greylisting is a start, but from my experience it is not nearly enough. I have heard this said elsewhere too. Yes don't rely solely on greylisting unless you're a lucky guy and don't get a lot of spam. I hear a lot of people saying that greylisting doesn't work, when I have actual numbers for my network proving it does. These numbers are from the first week of May 2007 to today: [snip] I'm not saying it doesn't work. As a matter of fact, we're making effective use of greylisting as well. With spamd you can see the sender address and the HELO for example, so you can make nice scripts of trapping forged e-mail addresses, incorrect HELO commands, empty sender addresses, stuff like that. Just the greylisting process itself is only working so-so in our environment. All I'm saying is that greylisting is a start and not a solution :) But like I said, YMMV. Jorn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
On Dec 17, 2007, at 7:56 AM, Eric Crist wrote: I hear a lot of people saying that greylisting doesn't work, when I have actual numbers for my network proving it does. These numbers are from the first week of May 2007 to today: Greylisted/Rejected Messages: 187560 Spam Tagged Messages: 3806 Virus Tagged Messages: 0 Bounced Messages:7 Total Messages Sent: 761 Total Messages Delivered:25345 I'd second the recommendation, although my stats don't keep long-term track of the difference between something greylisted and something bounced due to policy-weightd. Over the past year, I've had: Rejected Messages: 1,624,353 Spam Tagged Messages: 39,633 Virus Tagged Messages: 2947 Bounced Messages: 7609 Total sent: 103,433 Total received: 122,614 About 93% of the incoming traffic gets rejected permanently (via policy-weightd) or temporarily via greylisting; of the remainder, about 40% is tagged as spam and about 3% is tagged as viral. -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
On Mon, 17 Dec 2007 00:20:50 +0530, Girish Venkatachalam [EMAIL PROTECTED] wrote: On 14:48:35 Dec 15, Jorn Argelo wrote: Greylisting only works so-so nowadays. There was a couple of months it was very effective, but that is long gone. Spammers aren't stupid, and they follow the development of anti-spam techniques as much as e-mail admins do. Greylisting is a start, but from my experience it is not nearly enough. I have heard this said elsewhere too. Yes don't rely solely on greylisting unless you're a lucky guy and don't get a lot of spam. Also I believe that rejecting e-mail is a big point of discussion. We had an internet e-mail environment built about 3 years ago, and there the users were terrorized by spam. We had some users getting 30 spam mails a day at least. This setup was running amavis, spamassassin, postfix, postgrey, dcc and razor. Unfortunately, over time the bayes filter got incorrectly trained, and it sometimes rejected valid e-mails. If there's something you DON'T want to happen it's that. And also troubleshooting those kind of things can be quite hard ... What about CRM114 and dspam? I played with dspam at home but I didn't really got it running as I wanted to. I didn't invest an awful lot of time in it though, so I cannot properly judge it. I never heard of CRM114, so I cannot say anything from that. Have you ever tried statistical filtering instead of heuristics with spamassassin? We rebuilt the environment from scratch. Right now we are running OpenBSD spamd + OpenBSD Packetfilter. This functions as greylisting / greptrapping in combination with the PF firewall. We made a couple of scripts to trap invalid / forged e-mail addresses that are greylisted. Also we make use of the uatraps / nixspam traplists, and our own generated blacklist generated from spam being sent to the postmaster. We had some problems with blacklisted entries in the past, but we worked around that. It goes further then that, but I will spare you all the details. pf(4) has some amazing features that come in handy for spam control. I guess it forms a key component of any spam blocking architecture. And it works in concert with the other OpenBSD niceties you point out like populating the tables with blacklists and whitelists, greytrapping and using the pf(4) anchor mechanism to automate stuff. Indeed. PF is very powerful and uses very little resources. Hats off to the OpenBSD guys for this. And indeed, I can recommend every e-mail admin to use a pf and spamd combination. It's awesome and you can do a lot with it. Check out the OpenBSD website for more info. The probability and state tracking options in pf(4) are pretty interesting too if used creatively. Very much so, it opens a lot of new options for you to handle blacklisted entries. On the second line we run Postfix / ClamSMTP / Clamd / Spamassassin. We removed Amavis because it was annoying to upgrade and we wanted to get rid of it, as we had problems with it in the past. With SpamAssassin we use sa-update and sa-learn to keep the rules up-to-date and make sure bayes gets properly trained. So we are marking e-mail as spam and no longer block it. Why? Simple ... we no longer want to block false positives. Again, there is more to this, but I will spare you all the details. But if you don't update virus signatures wouldn't that cause worms and malware propagation? I know I am digressing but I thought signature updation was critical to malware control... Well of course, but with clamd I also ment using freshclam :) So we keep our signature database up-to-date as well. Right now we have 2500 happy users. Their local helpdesks helped them with getting an Outlook rule in place to automatically move tagged e-mails to a spam folder. Just like their gmail, hotmail or Yahoo account does at home. Wow, this is great. I am not surprised to hear this. ;) The environment we have is certainly not the easiest one, but we automated many things, leaving us with practically no work on it. All the updating of rulesets / blacklists / whitelists /whatever goes by itself. Downside of an environment like this is that you will need quite some knowledge of all the components and how they work together. But hey, I got it running at home as well (a bit simpler though) and didn't had a single spam mail in my mailbox the last 4 months. Sure, the ones I do get are getting tagged and moved to my spam folder automatically, which I do with maildrop (though procmail does the job nicely too). All in all it works like a charm. Using the X-foobar headers I suppose? I just check the Subject header to see if it starts with *SPAM*. So yes, using the mail headers :) Well a long story, but maybe it is of use for someone else. As always, YMMV. Yes, very enlightening, many thanks. Glad to hear. Jorn ___
Re: (postfix) SPAM filter?
On Dec 17, 2007, at 2:36 AM, Jorn Argelo wrote: On Mon, 17 Dec 2007 00:20:50 +0530, Girish Venkatachalam [EMAIL PROTECTED] wrote: On 14:48:35 Dec 15, Jorn Argelo wrote: Greylisting only works so-so nowadays. There was a couple of months it was very effective, but that is long gone. Spammers aren't stupid, and they follow the development of anti-spam techniques as much as e-mail admins do. Greylisting is a start, but from my experience it is not nearly enough. I have heard this said elsewhere too. Yes don't rely solely on greylisting unless you're a lucky guy and don't get a lot of spam. I hear a lot of people saying that greylisting doesn't work, when I have actual numbers for my network proving it does. These numbers are from the first week of May 2007 to today: Greylisted/Rejected Messages: 187560 Spam Tagged Messages: 3806 Virus Tagged Messages: 0 Bounced Messages:7 Total Messages Sent: 761 Total Messages Delivered:25345 So, out of 25,345 messages that have been delivered to mailboxes, 3,806 of them were tagged as Spam by Spamassassin. Guessing at false positives based on what I see in my inbox (I'm the heaviest mail user on my network), about 10% are probably false positives. 25345/187560 = .1351 = 13.51% of email gets past greylisting. ((3806*.90)/25345) = .1351 = 13.51% of that email is considered Spam, which is probably correct. Based on those numbers, 162,215 messages were probably Spam. I'm guess it's Spam, as none of our users have complained that there is legitimate email failing to get through to their inbox. That would be ~88.8% of email hitting my systems is Spam. I would consider greylisting in my case VERY successful. What this doesn't take into consideration, however, is that I truly hate the delay of receiving a message from someone that isn't in the database, and as such, we're working on improving our SA rulesets and getting rid of greylisting. If my math is wrong here, please feel free to correct me, I'm by no means any good at it. ;) - Eric F Crist Secure Computing Networks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
Heiko Wundram (Beenic) wrote: Am Donnerstag, 13. Dezember 2007 03:12:53 schrieb Chuck Swiger: Install the following: /usr/ports/mail/postfix-policyd-weight /usr/ports/mail/postgrey Just as an added suggestion: these two (very!) lightweight packages suffice to keep SPAM out of our company pretty much completely. Both are best used to reject mails before they even have to be delivered (in Postfix, this is a sender or recipient restriction, see the websites of the two projects for more details on how to set them up), so as a added bonus, people don't have to scroll through endless lists of mails marked as ***SPAM***. Greylisting only works so-so nowadays. There was a couple of months it was very effective, but that is long gone. Spammers aren't stupid, and they follow the development of anti-spam techniques as much as e-mail admins do. Greylisting is a start, but from my experience it is not nearly enough. Also I believe that rejecting e-mail is a big point of discussion. We had an internet e-mail environment built about 3 years ago, and there the users were terrorized by spam. We had some users getting 30 spam mails a day at least. This setup was running amavis, spamassassin, postfix, postgrey, dcc and razor. Unfortunately, over time the bayes filter got incorrectly trained, and it sometimes rejected valid e-mails. If there's something you DON'T want to happen it's that. And also troubleshooting those kind of things can be quite hard ... We rebuilt the environment from scratch. Right now we are running OpenBSD spamd + OpenBSD Packetfilter. This functions as greylisting / greptrapping in combination with the PF firewall. We made a couple of scripts to trap invalid / forged e-mail addresses that are greylisted. Also we make use of the uatraps / nixspam traplists, and our own generated blacklist generated from spam being sent to the postmaster. We had some problems with blacklisted entries in the past, but we worked around that. It goes further then that, but I will spare you all the details. On the second line we run Postfix / ClamSMTP / Clamd / Spamassassin. We removed Amavis because it was annoying to upgrade and we wanted to get rid of it, as we had problems with it in the past. With SpamAssassin we use sa-update and sa-learn to keep the rules up-to-date and make sure bayes gets properly trained. So we are marking e-mail as spam and no longer block it. Why? Simple ... we no longer want to block false positives. Again, there is more to this, but I will spare you all the details. Right now we have 2500 happy users. Their local helpdesks helped them with getting an Outlook rule in place to automatically move tagged e-mails to a spam folder. Just like their gmail, hotmail or Yahoo account does at home. The environment we have is certainly not the easiest one, but we automated many things, leaving us with practically no work on it. All the updating of rulesets / blacklists / whitelists /whatever goes by itself. Downside of an environment like this is that you will need quite some knowledge of all the components and how they work together. But hey, I got it running at home as well (a bit simpler though) and didn't had a single spam mail in my mailbox the last 4 months. Sure, the ones I do get are getting tagged and moved to my spam folder automatically, which I do with maildrop (though procmail does the job nicely too). All in all it works like a charm. Well a long story, but maybe it is of use for someone else. As always, YMMV. - Jorn I've had a setup with amavisd-new, spamassassin and clamav on another mail server (basically the same thing Chuck described), but for our current usage, these two are efficient enough not to warrant the upgrade to more powerful hardware (which would be required to run SpamAssassin properly). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
On 14:48:35 Dec 15, Jorn Argelo wrote: Greylisting only works so-so nowadays. There was a couple of months it was very effective, but that is long gone. Spammers aren't stupid, and they follow the development of anti-spam techniques as much as e-mail admins do. Greylisting is a start, but from my experience it is not nearly enough. I have heard this said elsewhere too. Also I believe that rejecting e-mail is a big point of discussion. We had an internet e-mail environment built about 3 years ago, and there the users were terrorized by spam. We had some users getting 30 spam mails a day at least. This setup was running amavis, spamassassin, postfix, postgrey, dcc and razor. Unfortunately, over time the bayes filter got incorrectly trained, and it sometimes rejected valid e-mails. If there's something you DON'T want to happen it's that. And also troubleshooting those kind of things can be quite hard ... What about CRM114 and dspam? Have you ever tried statistical filtering instead of heuristics with spamassassin? We rebuilt the environment from scratch. Right now we are running OpenBSD spamd + OpenBSD Packetfilter. This functions as greylisting / greptrapping in combination with the PF firewall. We made a couple of scripts to trap invalid / forged e-mail addresses that are greylisted. Also we make use of the uatraps / nixspam traplists, and our own generated blacklist generated from spam being sent to the postmaster. We had some problems with blacklisted entries in the past, but we worked around that. It goes further then that, but I will spare you all the details. pf(4) has some amazing features that come in handy for spam control. I guess it forms a key component of any spam blocking architecture. And it works in concert with the other OpenBSD niceties you point out like populating the tables with blacklists and whitelists, greytrapping and using the pf(4) anchor mechanism to automate stuff. The probability and state tracking options in pf(4) are pretty interesting too if used creatively. On the second line we run Postfix / ClamSMTP / Clamd / Spamassassin. We removed Amavis because it was annoying to upgrade and we wanted to get rid of it, as we had problems with it in the past. With SpamAssassin we use sa-update and sa-learn to keep the rules up-to-date and make sure bayes gets properly trained. So we are marking e-mail as spam and no longer block it. Why? Simple ... we no longer want to block false positives. Again, there is more to this, but I will spare you all the details. But if you don't update virus signatures wouldn't that cause worms and malware propagation? I know I am digressing but I thought signature updation was critical to malware control... Right now we have 2500 happy users. Their local helpdesks helped them with getting an Outlook rule in place to automatically move tagged e-mails to a spam folder. Just like their gmail, hotmail or Yahoo account does at home. Wow, this is great. I am not surprised to hear this. ;) The environment we have is certainly not the easiest one, but we automated many things, leaving us with practically no work on it. All the updating of rulesets / blacklists / whitelists /whatever goes by itself. Downside of an environment like this is that you will need quite some knowledge of all the components and how they work together. But hey, I got it running at home as well (a bit simpler though) and didn't had a single spam mail in my mailbox the last 4 months. Sure, the ones I do get are getting tagged and moved to my spam folder automatically, which I do with maildrop (though procmail does the job nicely too). All in all it works like a charm. Using the X-foobar headers I suppose? Well a long story, but maybe it is of use for someone else. As always, YMMV. Yes, very enlightening, many thanks. -Girish ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
Am Samstag, 15. Dezember 2007 14:48:35 schrieb Jorn Argelo: snip Also I believe that rejecting e-mail is a big point of discussion. We had an internet e-mail environment built about 3 years ago, and there the users were terrorized by spam. We had some users getting 30 spam mails a day at least. This setup was running amavis, spamassassin, postfix, postgrey, dcc and razor. Unfortunately, over time the bayes filter got incorrectly trained, and it sometimes rejected valid e-mails. If there's something you DON'T want to happen it's that. And also troubleshooting those kind of things can be quite hard ... Neither of the two packages I recommended are anything close to bayesian filtering, as they don't actually take measure on the content of the mail (which isn't available anyway when the corresponding rules are effective in the Postfix restriction mechanism), but rather on the conditions the mail is received under. This is what makes them (much more) lightweight (than for example a full statistical or bayesian filter) in the first place. I've not had a single false positive which wasn't explained with incorrect or plain invalid mailserver configuration on the sender side so far with these two packages, and the possibility of a false negative in our current environment is something close to 1%, at least according to my mailbox (which gets publicized enough by posting to @freebsd.org addresses). -- Heiko Wundram Product Application Development ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
--On December 16, 2007 8:13:34 PM +0100 Heiko Wundram (Beenic) [EMAIL PROTECTED] wrote: Neither of the two packages I recommended are anything close to bayesian filtering, as they don't actually take measure on the content of the mail (which isn't available anyway when the corresponding rules are effective in the Postfix restriction mechanism), but rather on the conditions the mail is received under. This is what makes them (much more) lightweight (than for example a full statistical or bayesian filter) in the first place. I've not had a single false positive which wasn't explained with incorrect or plain invalid mailserver configuration on the sender side so far with these two packages, and the possibility of a false negative in our current environment is something close to 1%, at least according to my mailbox (which gets publicized enough by posting to @freebsd.org addresses). I've been using policyd-weight for more than a year now, and I've had exactly one problem with it. It rejected legitimate mail because that particular ISP didn't have a clue about DNS. I tweaked the rules very slightly to cause a score for legitimate mail to fail just below the threshold for rejection, and I've not had a single false positive since. Policyd-weight rejects between 50% and 80% of the incoming mail (it varies by the day) before the mail server ever even processes it. I also use spamassassin, and I have set it up so that borderline mail that's rejected gets copied to a folder (/var/spool/spam) so I can review it. Occasionally I have to recover an email from that folder because it was falsely labeled as spam. Usually it's someone using incredimail or a similar service that loads up an email with all sorts of extra junk. Policyd-weight is the perfect complement to a tool like spamassassin. It gets rid of all the obvious spam (fake MXes, dailup mail servers, servers listed in multiple RBLs, etc.) before spamassassin has to make a decision about it. Paul Schmehl ([EMAIL PROTECTED]) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Sten and the rest,
We have a need for a relatively painless anti-spam solution that would
reduce the amount of incoming spam (via postfix mail router). The problem
is that i have little knowledge on what this actually means. Googling
reveals a whole universe of interesting ways but what should i pursue?
The things that are important to me is:
* Once it is setup then it would require no additional maintenance.
* Potential spam messages are marked with a special header that can be
filtered on user discretion on their local mail client software.
Neither performance, scalability, license nor cost is of much importance
to me at this point.
I have a different approach. I refuse all connections from ip's which
reverse DNS points to costumers of providers.
This gives a huge reduction of botnets.
Below my helo_checks and client_checks. Ofcourse use it for your own risk!
Besides this method I also use rbls's, greylisting, clamsmtpd, clamav,
procmail and spamassasin
###
# helo_checks.pcre
###
/^[0-9.]+$/ REJECT Please use your ISP's outgoing mail server -
HA
/^\|/ REJECT Please use your ISP's outgoing mail
server - HB
/^[\d\.]+$/ REJECT Please use your ISP's outgoing mail
server - HC
# H1 adsl,dial,dhcp,cable,retail,dynamic in helo
/(adsl|dial|dhcp|cable|retail|dynamic)/i REJECT Please use your ISP's
outgoing mail server - H1
# H2 customer,static,kabel in helo
/(customer|static|kabel)/i REJECT Please use your
ISP's outgoing mail server - H2
# H3 12345
# /\d{5}/ REJECT
Please use your ISP's outgoing mail server - H3
# H4 123-123-123
/\d{1,3}-\d{1,3}-\d{1,3}/ REJECT Please use
your ISP's outgoing mail server - H4
# H5 123.123.123
# /\d{1,3}\.\d{1,3}\.\d{1,3}/ REJECT Please use your
ISP's outgoing mail server - H5
###
# client_checks.pcre
###
# C1 adsl,dial,dhcp,cable,retail,dynamic in hostname
/(adsl|dial|dhcp|cable|retail|dynamic)/i 554 Please use your ISP's
outgoing mail server - C1
# C2 customer,static,kabel in hostname
/(customer|static|kabel)/i 554 Please use your
ISP's outgoing mail server - C2
# C3 123456
/\d{6}/ 554 Please
use your ISP's outgoing mail server - C3
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32) - GPGrelay v0.959
iD8DBQFHZYI8Ph5RwW/NzC4RAj1uAJ9saKRz9Q+daCcU7D/plXGRAdXflACfQ3KR
DpXkjMrMMITbqdSulZW8aBM=
=D4lA
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
I have found spam assassin with nightly updates of the helpful (there are other people developing new regexs daily). 48 5 * * * /usr/local/bin/sa-update --channel updates.spamassassin.org /usr/local/etc/rc.d/sa-spamd restart There are other channels you can subscribe to. Another super helpful bocker is to block all inbound connections from IPs without reverse DNS. Don't forget to virus check your email while you are at it -- there are several packages (clamav is one). And finally, a couple of RBLs added into the mix are helpful. Awesome, i didn't see the subscriptions on their website. This is exactly what i need. -- Sten Daniel Soersdal Something else I would recommend if you end up going the spamassassin route is to look at rules emporium and rules du jour http://www.rulesemporium.com/rules.htm Rules Du Jour is a nice bash script that can automatically download and update the latest rules emporium rules for several different categories of spam. You just choose which rule lists you want to use (there are a lot of categories and then different levels of spam caught vs false positives within rule sets) and then set rules du jour as a nightly cron job to update your rule sets automatically. As some one else said, this lets you have other people keep your regexs up to date. I also added these lines to the top of the Rules Du Jour script to download a couple of other nice clamAV spam signatures: #update extra clam spam defs if [[ -d /var/lib/clamav/ ]]; then cd /var/lib/clamav/ wget --timestamping http://download.mirror.msrbl.com/MSRBL-SPAM.ndb cd /var/lib/clamav/ wget --timestamping http://www.sanesecurity.co.uk/clamav/scamsigs/scam.ndb.gz gunzip -cdf scam.ndb.gz scam.ndb fi #end update extra clam spam defs I also use these smtpd restrictions in main.cf: smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, check_helo_access hash:/etc/postfix/helo_access, reject_non_fqdn_hostname, reject_invalid_hostname, permit smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/client_restrictions, permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit smtpd_recipient_restrictions = reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unknown_sender_domain, check_sender_access hash:/etc/postfix/client_restrictions, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client list.dsbl.org, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.njabl.org, permit Most of that came from here: http://www.freesoftwaremagazine.com/articles/focus_spam_postfix/ Greylisting is great, and usually doesn't delay mail more than 5 minutes, but in some rare cases it can lead to mail delays of sometimes up to 4 or 5 hours (which is within RFC specs for resending after a 302 message). For my personal server, that is no problem, so I have implemented postgrey (with the stuff above) and get almost no spam ever. For a few businesses I run mail servers for, they expect email to be instant (I know it doesn't have to be technically, but that is what a lot of people expect now a days). For them 20 extra spam a day by not doing grey listing is an okay trade off so that one contact from the new client shows up in time, instead of 3 hours too late. Anyway, I hope this helps. I am always trying to find new great spam solutions (using postfix), so I will continue watching this tread with great interest. Most of the companies I setup mail servers for would rather have 30 spam delivered per user per day than have even 1 false positive or 1 significantly delayed mail, so it is always a tricky line to walk (at least for me) to block as much spam as I can, without ever delaying or blocking a ham message, so I am always looking for new ideas and solutions. Preston ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: (postfix) SPAM filter?
Hi Sten, I ran /usr/ports/security/amavisd-new for a year or so. I must admit, I didn't update it so more and more spam made it's way through. A mate tipped me off on trying: /usr/ports/mail/mailscanner Much easier to install than amavisd-new. I found it easier to understand the config file too. If you really get keen, there is a book you can purchase and it has great online help. There is also a nice optional webpage stats port/package: /usr/ports/mail/mailscanner-mrtg Now I only have 1 spam getting through every 3 days or so out of 350+ daily spam emails. I now have it running on 4 different sites. Cheers, Paul Hamilton -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sten Daniel Soersdal Sent: Thursday, 13 December 2007 10:12 AM To: freebsd-questions Subject: (postfix) SPAM filter? We have a need for a relatively painless anti-spam solution that would reduce the amount of incoming spam (via postfix mail router). The problem is that i have little knowledge on what this actually means. Googling reveals a whole universe of interesting ways but what should i pursue? The things that are important to me is: * Once it is setup then it would require no additional maintenance. * Potential spam messages are marked with a special header that can be filtered on user discretion on their local mail client software. Neither performance, scalability, license nor cost is of much importance to me at this point. Any hints? -- Sten Daniel Soersdal ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
Rudy wrote: Steve Bertrand wrote: * Once it is setup then it would require no additional maintenance. * Potential spam messages are marked with a special header that can be filtered on user discretion on their local mail client software. Yes, one recommendation for sure. Give up on your first goal. It'll never happen, because fighting spam is an arms race, with new tactics needing to be adopted. Amen (or Ahem, or what BSDie would say). There will *ALWAYS* be maintenance. If you are not developing new regexs and/or solutions to fight the daily produced techniques that make up SPAM, then you are implementing them. I have found spam assassin with nightly updates of the helpful (there are other people developing new regexs daily). 48 5 * * * /usr/local/bin/sa-update --channel updates.spamassassin.org /usr/local/etc/rc.d/sa-spamd restart There are other channels you can subscribe to. Another super helpful bocker is to block all inbound connections from IPs without reverse DNS. Don't forget to virus check your email while you are at it -- there are several packages (clamav is one). And finally, a couple of RBLs added into the mix are helpful. Awesome, i didn't see the subscriptions on their website. This is exactly what i need. -- Sten Daniel Soersdal ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
On Wednesday 12 December 2007, Sten Daniel Soersdal said: We have a need for a relatively painless anti-spam solution that would reduce the amount of incoming spam (via postfix mail router). The problem is that i have little knowledge on what this actually means. Googling reveals a whole universe of interesting ways but what should i pursue? The things that are important to me is: * Once it is setup then it would require no additional maintenance. * Potential spam messages are marked with a special header that can be filtered on user discretion on their local mail client software. Neither performance, scalability, license nor cost is of much importance to me at this point. Any hints? SpamAssassin (in the ports tree). It's relatively easy to set up and can be used server wide or on an individual basis. Individuals can also override site-wide settings. Links to setting up with postfix can be found on the postfix site. Beech -- --- Beech Rintoul - FreeBSD Developer - [EMAIL PROTECTED] /\ ASCII Ribbon Campaign | FreeBSD Since 4.x \ / - NO HTML/RTF in e-mail | http://www.freebsd.org X - NO Word docs in e-mail | Latest Release: / \ - http://www.FreeBSD.org/releases/6.2R/announce.html --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
Sten Daniel Soersdal wrote: We have a need for a relatively painless anti-spam solution that would reduce the amount of incoming spam (via postfix mail router). The problem is that i have little knowledge on what this actually means. Googling reveals a whole universe of interesting ways but what should i pursue? The things that are important to me is: * Once it is setup then it would require no additional maintenance. * Potential spam messages are marked with a special header that can be filtered on user discretion on their local mail client software. Neither performance, scalability, license nor cost is of much importance to me at this point. Any hints? No additional maintenance (less user add/delete)?: http://www.postini.com Unfortunately, it's been years since I've used their services so I can't remember if they have the ability to mark and pass. It's a hands-off solution that works. Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
* Once it is setup then it would require no additional maintenance. * Potential spam messages are marked with a special header that can be filtered on user discretion on their local mail client software. Neither performance, scalability, license nor cost is of much importance to me at this point. Any hints? SpamAssassin (in the ports tree). It's relatively easy to set up and can be used server wide or on an individual basis. Individuals can also override site-wide settings. Links to setting up with postfix can be found on the postfix site. I was going to recommend that, but from my experience, there is no real *easy* way to allow users directly to modify their own settings. I am probably wrong though. Another solution (which is also not a do-it-yourself), is http://barracuda.com. We switched from Postini to an internal Barracuda cluster and have never looked back. I might add that I personally run an ancient version of SpamAssassin on my personal box which still works, and I have an upgraded box coming down the pipe. I have no experience with having inexperienced users manage their own account with it though. Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
On Wednesday 12 December 2007, Sten Daniel Soersdal said: We have a need for a relatively painless anti-spam solution that would reduce the amount of incoming spam (via postfix mail router). The problem is that i have little knowledge on what this actually means. Googling reveals a whole universe of interesting ways but what should i pursue? The things that are important to me is: * Once it is setup then it would require no additional maintenance. * Potential spam messages are marked with a special header that can be filtered on user discretion on their local mail client software. I should also mention that SpamAssassin has exactly such an option and doesn't require any hands on except for an occasional update once set up. Neither performance, scalability, license nor cost is of much importance to me at this point. Any hints? Beech -- --- Beech Rintoul - FreeBSD Developer - [EMAIL PROTECTED] /\ ASCII Ribbon Campaign | FreeBSD Since 4.x \ / - NO HTML/RTF in e-mail | http://www.freebsd.org X - NO Word docs in e-mail | Latest Release: / \ - http://www.FreeBSD.org/releases/6.2R/announce.html --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
On Dec 12, 2007, at 5:12 PM, Sten Daniel Soersdal wrote: We have a need for a relatively painless anti-spam solution that would reduce the amount of incoming spam (via postfix mail router). The problem is that i have little knowledge on what this actually means. Googling reveals a whole universe of interesting ways but what should i pursue? The things that are important to me is: * Once it is setup then it would require no additional maintenance. * Potential spam messages are marked with a special header that can be filtered on user discretion on their local mail client software. Install the following: /usr/ports/mail/postfix-policyd-weight /usr/ports/mail/postgrey /usr/ports/mail/p5-Mail-SpamAssassin /usr/ports/security/amavisd-new /usr/ports/security/clamav policyd + postgrey provide rather good, very lightweight initial filtering of email without taking up a lot of memory or resources, and remove a lot of workload, so that the Amavisd+ClamAV+SA combination only has to do virus-scanning and SpamAssassin's expensive Bayesian word-mangling on emails which seem to be legit. Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
On Wed, 12 Dec 2007 20:55:45 -0500 Steve Bertrand [EMAIL PROTECTED] wrote: I was going to recommend that, but from my experience, there is no real *easy* way to allow users directly to modify their own settings. I am probably wrong though. Postfix is running here on a FreeBSD server as a boarder filter server. All bayes and per-user SpamAssassin settings are stored within a MySQL database on our SQL server. The web mail interface is SquirrelMail installed on a different FreeBSD server and has the sasql plugin interfaced to the MySQL server so the customers have control over what they want to set their spam score, whitelist, blacklist, whether they want bayes filtering, whether they want bayes autolearn and so forth. It has been pretty low maintenance. I am in the process of evaluating the possibility of using amavis-new. -- _|_ (_| | ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
On Thursday 13 December 2007 03:35:00 Duane Hill wrote: It has been pretty low maintenance. I am in the process of evaluating the possibility of using amavis-new. I used amavis-new on a Linux system and lost the ability to have per-user settings. I had to go with a systemwide setting and I don't know if amavis allows per-user configuration. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
Duane Hill wrote: On Wed, 12 Dec 2007 20:55:45 -0500 Steve Bertrand [EMAIL PROTECTED] wrote: I was going to recommend that, but from my experience, there is no real *easy* way to allow users directly to modify their own settings. I am probably wrong though. Postfix is running here on a FreeBSD server as a boarder filter server. All bayes and per-user SpamAssassin settings are stored within a MySQL database on our SQL server. The web mail interface is SquirrelMail installed on a different FreeBSD server and has the sasql plugin interfaced to the MySQL server so the customers have control over what they want to set their spam score, whitelist, blacklist, whether they want bayes filtering, whether they want bayes autolearn and so forth. It has been pretty low maintenance. I am in the process of evaluating the possibility of using amavis-new. For myself, I've run a very similar environment with a lot of custom hacked software to integrate it all. The reason I haven't upgraded yet is because I've hacked so much of squirrelmail and other aspects of the setup since 2004 that there will be no way for me to carry things over (easily;) Depending on what way one looks at it, It may be good or bad that I don't really have time to follow what is happening with SPAM prevention in regards to Open Source anymore. I agree that SA/ClamAV/maildrop is an excellent setup, particularly running atop of Qmail with VPOPMail etc. I also have used Sendmail with milters and procmail to do the same thing...extensively. Realistically, it comes down to what the OP wants. I am but one operator in a 'small' ISP. I also manage it's support department. The truth is that once the OP stated that budget wasn't an issue, and he wanted essentially a turnkey solution, the easiest and most cost-effective method that I have learned is outsource it. If you can afford the bandwidth to filter in house, then you can also afford to have a 24*7*1hr support contract with a vendor so your support staff can do some of your work for you (or play games). If you can't afford bandwidth inbound, but still want your help-desk staff and yourself available, outsource to someone or some entity who specializes on only email security so they can filter before the mail touches your network. Otherwise, install/maintain yourself. Understand I am not trying to negate the use/feasibility of any software. I am running with the fact that cost for the OP is no issue. If that is truly the case, then why do it yourself when you can pay someone else who knows better to do it for you? The cost savings on headaches and lost time on downed equipment alone are more than worth it. ...I'm being too business-minded, and too obtuse. Back to figuring out why DBD::mysql won't compile on my legacy FreeBSD box I go... Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
On 12/12/07, Sten Daniel Soersdal [EMAIL PROTECTED] wrote: We have a need for a relatively painless anti-spam solution that would reduce the amount of incoming spam (via postfix mail router). The problem is that i have little knowledge on what this actually means. Googling reveals a whole universe of interesting ways but what should i pursue? The things that are important to me is: * Once it is setup then it would require no additional maintenance. * Potential spam messages are marked with a special header that can be filtered on user discretion on their local mail client software. Neither performance, scalability, license nor cost is of much importance to me at this point. Any hints? Yes, one recommendation for sure. Give up on your first goal. It'll never happen, because fighting spam is an arms race, with new tactics needing to be adopted. As for the second goal, spamassassin along with one of several packages will do well for you - I use Maia Mailguard, but I've heard good things about MailZu with Amavisd-new as well. Others will talk about other packages. It's worth taking a look at each of them to figure out what works for you. Kurt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
* Once it is setup then it would require no additional maintenance. * Potential spam messages are marked with a special header that can be filtered on user discretion on their local mail client software. Yes, one recommendation for sure. Give up on your first goal. It'll never happen, because fighting spam is an arms race, with new tactics needing to be adopted. Amen (or Ahem, or what BSDie would say). There will *ALWAYS* be maintenance. If you are not developing new regexs and/or solutions to fight the daily produced techniques that make up SPAM, then you are implementing them. If there is anyone who disagrees, then you likely have not dealt with SPAM in an organization larger than a few thousand dispersed and non-educated users. If you have such, and you have no maintenance, then I beg your pardon. Others will talk about other packages. It's worth taking a look at each of them to figure out what works for you. ...agreed. It's also worth taking a look at ALL options, not just 'packages' to figure out what works for you. Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
