hotmail problem
sorry for this generic mail system question i've got a problem with hotmail; when i send mail to a particular domain ( example.com) sometimes it bounce back saying : This is an automatically generated Delivery Status Notification. Delivery to the following recipients failed. a...@example.com Final-Recipient: rfc822;a...@example.com rfc822%3...@example.com Action: failed Status: 5.7.1 Diagnostic-Code: smtp;554 5.7.1 a...@example.com: Recipient address rejected: Access denied it's not even reaching the recipient's mx but sometimes it get delivered; the problem started very recently; any clue about this! appreciate some guidance -bharathan
Re: Bounces resulting from forwarded Mails
On Wed, 2010-04-07 at 11:59 +0200, lst_ho...@kwsoft.de wrote: Zitat von Michael Weissenbacher m...@dermichi.com: Hi List! I am having the problem that our Postfix Mail Server generates too many bounces which unfortunately results in getting listed (at least at backscatterer.org). Having digged deepter into the problem i already read and followed [1] as well as the obvious stuff like correct local_recipient_maps. The problem i now have is like the following: - our server accepts mail for localu...@localdomain.com - there is a entry in /etc/postfix/virtual that forwards this mail to foreignu...@foreigndomain.com (which is a legitemate destination and usually accepts mails without a problem) - the foreign server detects spam or a virus and rejects the delivery, i get an entry in mail.log like: status=bounced (host email.foreigndomain.com[1.2.3.4] said: 554 mail server rejected message: spam or virus detected (#5.3.0) (in reply to end of DATA command) Find out why the host rejected the mail. I assume your mails are not spam and they dont have a virus ( Email virus is almost a non-issue now a days ) Are all the forwarded mails getting rejected , or only a few I suspect the recipient server is doing an SPF check. So you wont be able to forward unless you change the envelope. Thanks Ram
Re: Mailgateway
Thank you, Noel!
I got that running - mostly :)
Server A (MX, SMTP: smtp.example.com) has:
relay_domains = $myhostname, localhost.$mydomain, localhost,
/etc/postfix/mydomains
relay_transport = smtp:[smtp.example.com]
mynetworks = [ip.ad.dr.es], ...
Where /etc/postfix/mydomains lists all domains to be relayed and the
relay_transport is the IP of Server B:
Server B (IMAP, imap.example.com) has:
relayhost = [smtp.example.com]
mydestination = $myhostname, localhost.$mydomain, localhost,
/etc/postfix/mydomains
mynetworks = [ip.ad.dr.es], ...
This setup works for me - beside one problem:
The /etc/aliases of Server A will not be honored, which means that all
mail to any of the domains will be transported to Server B, which in
turn will bounce the mail.
I would like to let already Server A bounce those mails!
Using a relay_recipient_maps as you wrote, seems to be the right way,
but i cannot get it running.
Like in a /etc/aliases file, i want to accept certain users for all domains.
I tried to create the file as follows:
awk -F: '{print $1}' /etc/aliases | egrep -v ^(#|$) | awk '{print $1@
OK}' | sort -u relay_recipient_map
So, for example, it contains lines like:
user1@ OK
user2@ OK
But this does not work :-(
I would not like to list all users for all domains, but just accept mail
to the existing users for ALL domains (as shown in my example above).
Is there a way to reach that goal?
Or do i need to add one line for each user in every domain?
Thank you!
:)
Multiple access lists
Hi all, I have configured my Postfix to use multiple access lists like that: check_client_access hash:/usr/pkg/etc/postfix-in/list1, hash:/usr/pkg/etc/postfix-in/list2 I think this has worked some time, but it does not now - list2 seems not to be used. I do not find anything in official docs or Google about using multiple lists. Is this not possible (any more), does it need a different syntax? Any hint or help is appreciated. Dirk
Re: Mailgateway
I got caught by that already :-O
My server bounced two mails from the list (having relay_recipient_maps
set up wrongly) - and i have no idea if that was already an answer ...
So, if somebody answered to my last mail, please send it again.
:)
Sorry for that!
postfix-us...@tja-server.de schrieb:
Thank you, Noel!
I got that running - mostly :)
Server A (MX, SMTP: smtp.example.com) has:
relay_domains = $myhostname, localhost.$mydomain, localhost,
/etc/postfix/mydomains
relay_transport = smtp:[smtp.example.com]
mynetworks = [ip.ad.dr.es], ...
Where /etc/postfix/mydomains lists all domains to be relayed and the
relay_transport is the IP of Server B:
Server B (IMAP, imap.example.com) has:
relayhost = [smtp.example.com]
mydestination = $myhostname, localhost.$mydomain, localhost,
/etc/postfix/mydomains
mynetworks = [ip.ad.dr.es], ...
This setup works for me - beside one problem:
The /etc/aliases of Server A will not be honored, which means that all
mail to any of the domains will be transported to Server B, which in
turn will bounce the mail.
I would like to let already Server A bounce those mails!
Using a relay_recipient_maps as you wrote, seems to be the right way,
but i cannot get it running.
Like in a /etc/aliases file, i want to accept certain users for all
domains.
I tried to create the file as follows:
awk -F: '{print $1}' /etc/aliases | egrep -v ^(#|$) | awk '{print $1@
OK}' | sort -u relay_recipient_map
So, for example, it contains lines like:
user1@OK
user2@OK
But this does not work :-(
I would not like to list all users for all domains, but just accept mail
to the existing users for ALL domains (as shown in my example above).
Is there a way to reach that goal?
Or do i need to add one line for each user in every domain?
Thank you!
:)
Re: Multiple access lists
* Dirk H. Schulz dirk.sch...@kinzesberg.de: Hi all, I have configured my Postfix to use multiple access lists like that: check_client_access hash:/usr/pkg/etc/postfix-in/list1, hash:/usr/pkg/etc/postfix-in/list2 I think this has worked some time, but it does not now - list2 seems not to be used. Use: check_client_access hash:/usr/pkg/etc/postfix-in/list1, check_client_access hash:/usr/pkg/etc/postfix-in/list2, I do not find anything in official docs or Google about using multiple lists. Is this not possible (any more), does it need a different syntax? Any hint or help is appreciated. Dirk -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: hotmail problem
On Thu, Apr 8, 2010 at 11:04 AM, Patric Falinder patric.falin...@omg.nuwrote: K bharathan skrev 2010-04-08 10:56: sorry for this generic mail system question i've got a problem with hotmail; when i send mail to a particular domain ( example.com) sometimes it bounce back saying : This is an automatically generated Delivery Status Notification. Delivery to the following recipients failed. a...@example.com Final-Recipient: rfc822;a...@example.com rfc822%3...@example.com rfc822%3...@example.com rfc822%253...@example.com Action: failed Status: 5.7.1 Diagnostic-Code: smtp;554 5.7.1a...@example.com: Recipient address rejected: Access denied it's not even reaching the recipient's mx but sometimes it get delivered; the problem started very recently; any clue about this! appreciate some guidance -bharathan Remember to post the output from postconf -n It's easier to figure out the problem if we can read the config so we don't have to guess whats wrong! -Patric thanks this is happening when i send from hotmail to any recipi...@example.com and not always; the above delivery failure is from hotmail below is the postconf : alias_maps = hash:/etc/aliases biff = no canonical_maps = hash:/etc/postfix/canonical command_directory = /usr/sbin config_directory = /etc/postfix content_filter = amavisd-new:[127.0.0.1]:10024 daemon_directory = /usr/lib/postfix debug_peer_level = 2 defer_transports = disable_dns_lookups = no disable_mime_output_conversion = no disable_vrfy_command = yes header_checks = regexp:/etc/postfix/header_checks html_directory = /usr/share/doc/packages/postfix23/html inet_interfaces = all inet_protocols = all local_recipient_maps = local_transport = error:local mail delivery is disabled mail_owner = postfix mail_spool_directory = /var/mail mailbox_command = mailbox_size_limit = 0 mailbox_transport = mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man masquerade_classes = envelope_sender, header_sender, header_recipient masquerade_domains = masquerade_exceptions = root message_size_limit = 2560 mime_header_checks = pcre:/etc/postfix/mime_header_checks mydestination = myhostname = relay1.example1.com mynetworks = x.x.x.x/24 x.x.x.x/24 127.0.0.0/8 x.x.x.x/24 mynetworks_style = subnet myorigin = example1.com newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/packages/postfix23/README_FILES relay_domains = example.com relay_recipient_maps = hash:/etc/postfix/relay_recipients relocated_maps = hash:/etc/postfix/relocated sample_directory = /usr/share/doc/packages/postfix23/samples sender_canonical_maps = hash:/etc/postfix/sender_canonical sendmail_path = /usr/sbin/sendmail setgid_group = maildrop smtp_sasl_auth_enable = no smtp_use_tls = no smtpd_client_restrictions = smtpd_data_restrictions = reject_multi_recipient_bounce reject_unauth_pipelining permit smtpd_helo_required = yes smtpd_helo_restrictions = smtpd_recipient_restrictions = reject_non_fqdn_recipient reject_non_fqdn_sender reject_unknown_sender_domain reject_unknown_recipient_domain permit_mynetworks reject_unauth_destination check_recipient_access hash:/etc/postfix/roleaccount_exceptions check_client_access hash:/etc/postfix/backscatterer_whitelist check_sender_access hash:/etc/postfix/check_backscatterer reject_non_fqdn_hostname reject_invalid_hostname check_client_access cidr:/etc/postfix/spam_cidr check_helo_access pcre:/etc/postfix/helo_checks check_recipient_access hash:/etc/postfix/whitelist_recipients reject_rbl_client zen.spamhaus.org reject_rhsbl_sender dsn.rfc-ignorant.org permit smtpd_restriction_classes = strict_client_domain smtpd_sasl_auth_enable = no smtpd_sender_restrictions = hash:/etc/postfix/access check_sender_access hash:/etc/postfix/strict_sender_map smtpd_use_tls = no strict_8bitmime = no strict_rfc821_envelopes = no transport_maps = hash:/etc/postfix/transport unknown_client_reject_code = 554 unknown_local_recipient_reject_code = 550 virtual_alias_domains = hash:/etc/postfix/virtual virtual_alias_maps = hash:/etc/postfix/virtual pcre:/etc/postfix/virtual_pcre --bharathan
Re: Multiple access lists
On Thu, April 8, 2010 12:32 pm, Dirk H. Schulz said: I have configured my Postfix to use multiple access lists like that: check_client_access hash:/usr/pkg/etc/postfix-in/list1, hash:/usr/pkg/etc/postfix-in/list2 I think this has worked some time, but it does not now - list2 seems not to be used. If you omit the restriction name and only state the lookup table name, the meaning depends on which smtpd_whatever_restrictions you place it. You probably mean this: smtpd_whatever_restrictions = check_client_access hash:/usr/pkg/etc/postfix-in/list1, check_client_access hash:/usr/pkg/etc/postfix-in/list2 If that doesn't help, show postconf -n output. I do not find anything in official docs or Google about using multiple lists. Is this not possible (any more), does it need a different syntax? The number of access lists is only limited by memory and the maximum number of open files. -- Magnus Bäck mag...@dsek.lth.se
Rejecting certain sub-names (from recipient_delimiter)
One more question, as i reconfigure my mail-servers :) I have recipient_delimiter set to ., so that user.anything@example.com will be delivered to u...@example.com Now, i have a certain sub-name, that i want to REJECT. For example: user.s...@example.com Is it possible to reject mail to user.s...@example.com while accepting all other use...@example.com addresses? So far, i found recipient_access to allow this this: main.cf: check_recipient_access pcre:/etc/postfix/recipient_access /etc/postfix/recipient_access: /^user\.s...@example\.com$/ REJECT Is this the right way to handle this? Or are there other, more recommended methods?
Re: Rejecting certain sub-names (from recipient_delimiter)
* postfix-us...@tja-server.de postfix-us...@tja-server.de: One more question, as i reconfigure my mail-servers :) I have recipient_delimiter set to ., so that user.anything@example.com will be delivered to u...@example.com Now, i have a certain sub-name, that i want to REJECT. For example: user.s...@example.com Is it possible to reject mail to user.s...@example.com while accepting all other use...@example.com addresses? So far, i found recipient_access to allow this this: main.cf: check_recipient_access pcre:/etc/postfix/recipient_access check_recipient_access hash:/etc/postfix/recipient_access user.s...@example.com REJECT -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: redirect local(8) delivery to $lo...@$mydomain ?
On 25/03/2010, at 11:43 AM, James Lever wrote: This still doesn’t solve the issue of local destination mail - mail sent via “mail user” or “mail u...@$myhostname” from the local system still gets delivered to the mail spool. This is the key part that I’m still trying to solve. For anybody else that comes along, I discovered 2 methods to easily do what I wanted. Method 1: Enable envelope_sender masquerading (non-default behaviour). edit masquerade_classes to include envelope_recipient, for example: masquerade_classes = envelope_sender, envelope_recipient, header_sender, header_recipient along with masquerade_domains = $mydomain masquerade_exceptions = root, mailer-daemon, logwatch Method 2: This method can provide significantly greater flexibility, but bypasses all local delivery attempts including alias expansion, so any aliases need to be defined in /etc/postfix/virtual and the regexp needs to exclude it (from my minimal testing of this method) local_transport = virtual virtual_alias_maps = regexp:/etc/postfix/virtual in /etc/postfix/virtual have an entry similar to this /(.*)@/ $...@somedomain.com Hopefully that’s the right way to do the second one. cheers, James
Re: Mailgateway
On 4/8/2010 5:32 AM, postfix-us...@tja-server.de wrote:
Thank you, Noel!
I got that running - mostly :)
Server A (MX, SMTP: smtp.example.com) has:
relay_domains = $myhostname, localhost.$mydomain, localhost,
/etc/postfix/mydomains
relay_transport = smtp:[smtp.example.com]
mynetworks = [ip.ad.dr.es], ...
Where /etc/postfix/mydomains lists all domains to be relayed and the
relay_transport is the IP of Server B:
Server B (IMAP, imap.example.com) has:
relayhost = [smtp.example.com]
mydestination = $myhostname, localhost.$mydomain, localhost,
/etc/postfix/mydomains
mynetworks = [ip.ad.dr.es], ...
This setup works for me - beside one problem:
The /etc/aliases of Server A will not be honored, which means that all
mail to any of the domains will be transported to Server B, which in
turn will bounce the mail.
Right. /etc/aliases is expanded during local(8) delivery. If
you must expand aliases on the gateway, use virtual_alias_maps
(not! virtual_alias_domains)
But it's generally better to pass the original recipient to
the internal mail server and do the expansion there.
I would like to let already Server A bounce those mails!
Using a relay_recipient_maps as you wrote, seems to be the right way,
but i cannot get it running.
Like in a /etc/aliases file, i want to accept certain users for all
domains.
I tried to create the file as follows:
awk -F: '{print $1}' /etc/aliases | egrep -v ^(#|$) | awk '{print $1@
OK}' | sort -u relay_recipient_map
So, for example, it contains lines like:
user1@ OK
user2@ OK
But this does not work :-(
relay_recipient_maps must list the u...@domain.
us...@domain1 OK
us...@domain2 OK
us...@domain3 OK
...
I would not like to list all users for all domains, but just accept mail
to the existing users for ALL domains (as shown in my example above).
List them all individually. Don't worry about the size of the
file; it won't affect performance.
-- Noel Jones
Re: Bounces resulting from forwarded Mails
Hi, Find out why the host rejected the mail. I assume your mails are not spam and they dont have a virus ( Email virus is almost a non-issue now a days ) Are all the forwarded mails getting rejected , or only a few Well, i assume that those messages that get rejected (like 1 out of 10) really contain spam or viruses since our frontend mailserver does only some very brief spam checking and no virus checking due to load restrictions. Usually we do those checks on our backend servers which are configured to accept all mail. I suspect the recipient server is doing an SPF check. So you wont be able to forward unless you change the envelope. The envelope is changed in our case as the destination address gets rewritten. Thanks for all your comments. I see now that we need to rework our forwarding policy. I think the best solution will be to first relay those mails to one of our backend servers, check them toroughly and only then forward them externally. cheers, Michael
Re: Mailgateway
Noel Jones schrieb: a great explanation Everything is running fine :) Thank you!
Re: Mailgateway
On 2010-04-08 postfix-us...@tja-server.de wrote:
Server A (MX, SMTP: smtp.example.com) has:
relay_domains = $myhostname, localhost.$mydomain, localhost,
/etc/postfix/mydomains
$myhostname and localhost.$mydomain should go into $mydestination, not
into $relay_domains. You can forward all mail to valid local addresses
to your internal host via entries in $alias_maps.
relay_transport = smtp:[smtp.example.com]
mynetworks = [ip.ad.dr.es], ...
I don't think [a.b.c.d] is valid syntax for IPv4 addresses in
$mynetworks. Lose the square brackets.
Where /etc/postfix/mydomains lists all domains to be relayed
You may want to use a more speaking name for your relay domains (like,
/etc/postfix/relay_domains ;).
and the relay_transport is the IP of Server B:
In your config snippet from server A, the parameter $relay_transport
doesn't contain the IP address of server B, but the FQDN of server A.
Unless you mis-obfuscated the parameter value you need to correct that
line.
Server B (IMAP, imap.example.com) has:
relayhost = [smtp.example.com]
mydestination = $myhostname, localhost.$mydomain, localhost,
/etc/postfix/mydomains
mynetworks = [ip.ad.dr.es], ...
See above.
This setup works for me - beside one problem:
The /etc/aliases of Server A will not be honored, which means that all
mail to any of the domains will be transported to Server B, which in
turn will bounce the mail.
Expected, since you configured $myhostname as a relay domain.
I would like to let already Server A bounce those mails!
# Server A
mydestination = $myhostname, localhost.$mydomain, localhost
relay_domains = /etc/postfix/relay_domains
alias_maps = hash:/etc/aliases
local_recipient_maps = $alias_maps
relay_recipient_maps = hash:/etc/postfix/relay_recipients
Using a relay_recipient_maps as you wrote, seems to be the right way, but
i cannot get it running.
Like in a /etc/aliases file, i want to accept certain users for all domains.
I tried to create the file as follows:
awk -F: '{print $1}' /etc/aliases | egrep -v ^(#|$) | awk '{print $1@
OK}' | sort -u relay_recipient_map
coughawk -F: '$0 !~ /^(#|$)/ {print $1 OK}' /etc/aliases/cough
So, for example, it contains lines like:
user1@OK
user2@OK
But this does not work :-(
I would not like to list all users for all domains, but just accept
mail to the existing users for ALL domains (as shown in my example
above).
Is there a way to reach that goal?
Or do i need to add one line for each user in every domain?
The postconf man-page [1] isn't too clear about this, but I think you
need to specify full addresses (us...@example.com OK). I have a script
somewhere that will generate a list of valid recipients from various
(file-based) recipient and domain lists. If I manage to unearth it after
I get home tonight, I'll post it here.
[1] http://www.postfix.org/postconf.5.html#relay_recipient_maps
Regards
Ansgar Wiechers
--
Abstractions save us time working, but they don't save us time learning.
--Joel Spolsky
Re: Rejecting certain sub-names (from recipient_delimiter)
Ralf Hildebrandt schrieb: check_recipient_access hash:/etc/postfix/recipient_access user.s...@example.com REJECT Thanx, that is more easy to use :)
Re: Mailgateway
Ansgar Wiechers schrieb:
$myhostname and localhost.$mydomain should go into $mydestination, not
into $relay_domains. You can forward all mail to valid local addresses
to your internal host via entries in $alias_maps.
I changed than, thank you!
Also, i moved localhost to $mydestination, which i hope is OK ...
relay_transport = smtp:[smtp.example.com]
mynetworks = [ip.ad.dr.es], ...
I don't think [a.b.c.d] is valid syntax for IPv4 addresses in
$mynetworks. Lose the square brackets.
Yes, this was a formatting mistake, i have regular IPs and networks in
that line.
Where /etc/postfix/mydomains lists all domains to be relayed
You may want to use a more speaking name for your relay domains (like,
/etc/postfix/relay_domains ;).
I need a file with the same content on Server B, where it is referred to
by $mydestination
I did not want to use different names for files with the same content ...
and the relay_transport is the IP of Server B:
In your config snippet from server A, the parameter $relay_transport
doesn't contain the IP address of server B, but the FQDN of server A.
Unless you mis-obfuscated the parameter value you need to correct that
line.
But why?!?
It seems to work with the FQDN in square brackets:
relay_transport = smtp:[mail.example.com]
Expected, since you configured $myhostname as a relay domain.
Yes, now it works better :)
Thank you again.
I would like to let already Server A bounce those mails!
# Server A
mydestination = $myhostname, localhost.$mydomain, localhost
relay_domains = /etc/postfix/relay_domains
alias_maps = hash:/etc/aliases
local_recipient_maps = $alias_maps
relay_recipient_maps = hash:/etc/postfix/relay_recipients
Der default, that seems to be quite similar already:
postconf | egrep ^(alias_maps|local_recipient_maps)
alias_maps = hash:/etc/aliases
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
I can locally expand now, with your suggestion for $mydestination :)
coughawk -F: '$0 !~ /^(#|$)/ {print $1 OK}' /etc/aliases/cough
:)
The postconf man-page [1] isn't too clear about this, but I think you
need to specify full addresses (us...@example.com OK). I have a script
somewhere that will generate a list of valid recipients from various
(file-based) recipient and domain lists. If I manage to unearth it after
I get home tonight, I'll post it here.
Thanx, but i already created a script - and my users dont change often -
the file will stay stable for months or even years now :9
Thank you for your comments and additional help!
amavis Delivery status notification(DSN) failing
Hi, I have a postfix mail server over which I have deployed a custom content filter written in java. Now I introduced amavisd (containing clamav and spamassassin) as content filter such that the mail is passing in following manner: ===mail from outside === Postfix amavisd === custom content filter I referred the link(http://wiki.centos.org/HowTos/Amavisd) to setup amavisd(containing clamav and spamassassin) Here my setup is running ok when amavisd is bypassed and mail is directly being sent to custom content filter but I receive following error logs as soon as I start passing my mails via amavisd: Apr 7 11:36:14 ip-10-194-99-63 postfix/smtpd[3585]: connect from mail-pw0-f48.google.com[209.85.160.48] Apr 7 11:36:14 ip-10-194-99-63 postfix/smtpd[3585]: BABCC100191: client=mail-pw0-f48.google.com[209.85.160.48] Apr 7 11:36:14 ip-10-194-99-63 postfix/cleanup[3593]: BABCC100191: message-id=x2h6c32076e1004070836p20a8cdabz104ac2c1d55a2...@mail.gmail.com Apr 7 11:36:15 ip-10-194-99-63 postfix/qmgr[3583]: BABCC100191: from=ashiish.sha...@gmail.com, size=1966, nrcpt=1 (queue active) Apr 7 11:36:45 ip-10-194-99-63 postfix/smtpd[3585]: disconnect from mail-pw0-f48.google.com[209.85.160.48] Apr 7 11:36:54 ip-10-194-99-63 amavis[3264]: (03264-02) (!)rw_loop: leaving rw loop, no progress, last event (select) 34.987 s ago Apr 7 11:36:54 ip-10-194-99-63 amavis[3264]: (03264-02) (!)SEND via SMTP: - ashiish.sha...@gmail.com, 451 4.5.0 From MTA([10.194.99.63]:10030) during fwd-connect (Negative greeting: at (eval 57) line 596, GEN18 line 162.): id=03264-02 Apr 7 11:36:54 ip-10-194-99-63 amavis[3264]: (03264-02) (!!)TROUBLE in check_mail: delivery-notification FAILED: temporarily unable to send DSN to ashiish.sha...@gmail.com: 451 4.5.0 From MTA([10.194.99.63]:10030) during fwd-connect (Negative greeting: at (eval 57) line 596, GEN18 line 162.): id=03264-02 at /usr/sbin/amavisd line 11359, GEN18 line 162. Apr 7 11:36:54 ip-10-194-99-63 amavis[3264]: (03264-02) (!)PRESERVING EVIDENCE in /var/amavis/tmp/amavis-20100407T113615-03264 Apr 7 11:36:54 ip-10-194-99-63 postfix/lmtp[3594]: BABCC100191: to=ida6786ombo...@dev1.cpgtest.ostinet.net, relay=127.0.0.1[127.0.0.1]:10024, delay=40, delays=0.54/0.01/0/40, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=03264-02, delivery-notification FAILED: temporarily unable to send DSN to ashiish.sha...@gmail.com: 451 4.5.0 From MTA([10.194.99.63]:10030) during fwd-connect (Negative greeting: at (eval 57) line 596, GEN18 line 162.): id=03264-02 at /usr/sbin/amavisd line 11359, GEN18 line 162. (in reply to end of DATA command)) I have no idea where the problem is actually residing. Please help Thanks in advance Ashish Sharma
Re: redirect local(8) delivery to $lo...@$mydomain ?
On Thu, Apr 08, 2010 at 09:59:54PM +1000, James Lever wrote: On 25/03/2010, at 11:43 AM, James Lever wrote: This still doesn?t solve the issue of local destination mail - mail sent via ?mail user? or ?mail u...@$myhostname? from the local system still gets delivered to the mail spool. This is the key part that I?m still trying to solve. For anybody else that comes along, I discovered 2 methods to easily do what I wanted. Method 1: Enable envelope_sender masquerading (non-default behaviour). edit masquerade_classes to include envelope_recipient, for example: masquerade_classes = envelope_sender, envelope_recipient, header_sender, header_recipient along with masquerade_domains = $mydomain masquerade_exceptions = root, mailer-daemon, logwatch Seems to me that $myorigin = $mydomain achieves the result more cleanly. Mail for root can be handled via virtual(5) and generic(5). Method 2: This method can provide significantly greater flexibility, but bypasses all local delivery attempts including alias expansion, so any aliases need to be defined in /etc/postfix/virtual and the regexp needs to exclude it (from my minimal testing of this method) local_transport = virtual virtual_alias_maps = regexp:/etc/postfix/virtual in /etc/postfix/virtual have an entry similar to this /(.*)@/ $...@somedomain.com Hopefully that?s the right way to do the second one. This looks fragile. -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
Re: Multiple access lists
On Thu, April 8, 2010 12:32 pm, Dirk H. Schulz said: I have configured my Postfix to use multiple access lists like that: check_client_access hash:/usr/pkg/etc/postfix-in/list1, hash:/usr/pkg/etc/postfix-in/list2 I think this has worked some time, but it does not now - list2 seems not to be used. If you omit the restriction name and only state the lookup table name, the meaning depends on which smtpd_whatever_restrictions you place it. You probably mean this: smtpd_whatever_restrictions = check_client_access hash:/usr/pkg/etc/postfix-in/list1, check_client_access hash:/usr/pkg/etc/postfix-in/list2 Does the same apply for header checks? Until now I had header_checks = regexp:/usr/pkg/etc/postfix-in/header_checks, regexp:/usr/pkg/etc/postfix-in/header_checks_virus Thanks for your help, Dirk
Re: Mailgateway
On 4/8/2010 8:25 AM, Thomas wrote: Ansgar Wiechers schrieb: $myhostname and localhost.$mydomain should go into $mydestination, not into $relay_domains. You can forward all mail to valid local addresses to your internal host via entries in $alias_maps. I changed than, thank you! Also, i moved localhost to $mydestination, which i hope is OK ... Whether or not those domains belong in mydestination depends on where you want them delivered. If they are to be delivered on that physical box, mydestination is correct. If those domains are to be sent on to the internal mailstore, then they belong in relay_domains. It's fairly common for a mail MX gateway to have an empty mydestination setting. # main.cf mydestination = But there is no one correct way; what you use depends on how you want postfix to behave. -- Noel Jones
email to yahoo stuck in queue
Hi, I've noticed lately that I have a lot mail stuck on queue, most are intended for yahoo users where most of the emails being sent to yahoo contains attachments mostly image files, flushing the queue doesn't do anything, and most of all yahoo doesn't do anything to my complaints. Any idea how to go about this? Here's my postfix configuration: [r...@mail ~]# postconf -n alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 header_checks = regexp:/etc/postfix/header_checks html_directory = /usr/share/doc/postfix-2.5.5-documentation/html inet_interfaces = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man maps_rbl_domains = bl.spamcop.net message_size_limit = 4096 mydestination = localhost mydomain = example.com myhostname = mail.example.com mynetworks = 192.168.8.0/24, 127.0.0.0/8 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.5.5-documentation/readme recipient_delimiter = + relay_domains = $mydestination relayhost = sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_helo_required = yes smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination permit_tls_all_clientcerts reject_non_fqdn_hostname reject_non_fqdn_sender reject_non_fqdn_recipient reject_unauth_destination reject_unauth_pipelining reject_invalid_hostname reject_rbl_client zen.spamhaus.org reject_rhsbl_sender dsn.rfc-ignorant.org reject_rbl_client bl.spamcop.net permit smtpd_sasl_auth_enable = yes smtpd_sasl_exceptions_networks = $mynetworks smtpd_sasl_path = /var/run/dovecot/auth-client smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/postfix/ssl/mail-cert.pem smtpd_tls_key_file = /etc/postfix/ssl/mail-key.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf virtual_gid_maps = static:12 virtual_mailbox_base = /home/virtualmail virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf virtual_minimum_uid = 150 virtual_transport = dovecot virtual_uid_maps = static:150
Re: email to yahoo stuck in queue
- Original Message From: jan gestre ipcopper...@gmail.com To: postfix users list postfix-users@postfix.org Sent: Thu, April 8, 2010 3:32:23 PM Subject: email to yahoo stuck in queue Hi, I've noticed lately that I have a lot mail stuck on queue, most are intended for yahoo users where most of the emails being sent to yahoo contains attachments mostly image files, flushing the queue doesn't do anything, and most of all yahoo doesn't do anything to my complaints. Any idea how to go about this? Here's my postfix configuration: [r...@mail ~]# postconf -n alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 header_checks = regexp:/etc/postfix/header_checks html_directory = /usr/share/doc/postfix-2.5.5-documentation/html inet_interfaces = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man maps_rbl_domains = bl.spamcop.net message_size_limit = 4096 mydestination = localhost mydomain = example.com myhostname = mail.example.com mynetworks = 192.168.8.0/24, 127.0.0.0/8 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.5.5-documentation/readme recipient_delimiter = + relay_domains = $mydestination relayhost = sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_helo_required = yes smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination permit_tls_all_clientcerts reject_non_fqdn_hostname reject_non_fqdn_sender reject_non_fqdn_recipient reject_unauth_destination reject_unauth_pipelining reject_invalid_hostname reject_rbl_client zen.spamhaus.org reject_rhsbl_sender dsn.rfc-ignorant.org reject_rbl_client bl.spamcop.net permit smtpd_sasl_auth_enable = yes smtpd_sasl_exceptions_networks = $mynetworks smtpd_sasl_path = /var/run/dovecot/auth-client smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/postfix/ssl/mail-cert.pem smtpd_tls_key_file = /etc/postfix/ssl/mail-key.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf virtual_gid_maps = static:12 virtual_mailbox_base = /home/virtualmail virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf virtual_minimum_uid = 150 virtual_transport = dovecot virtual_uid_maps = static:150 Jan, Can you show us some of the queued mail messages with obvious edits to hide the destinations user name? Also provide any logging information. Daniel Reinhardt Website: www.cryptodan.com Email: crypto...@yahoo.com
Re: Multiple access lists
On Thu, Apr 08, 2010 at 04:56:49PM +0200, Dirk H. Schulz wrote: smtpd_whatever_restrictions = check_client_access hash:/usr/pkg/etc/postfix-in/list1, check_client_access hash:/usr/pkg/etc/postfix-in/list2 This is rather pointless, why not have the computer concatenate the source files into a single file that is hashed once, and run faster with a much lower memory footprint? Does the same apply for header checks? Until now I had header_checks = regexp:/usr/pkg/etc/postfix-in/header_checks, regexp:/usr/pkg/etc/postfix-in/header_checks_virus This checks the second table if the first does not match, and is completely equivalent to using a single table obtained from: cat header_checks header_checks_virus header_checks_merged.tmp mv header_checks_merged.tmp header_checks_merged -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
Re: amavis Delivery status notification(DSN) failing
Sharma, Ashish: Apr 7 11:36:54 ip-10-194-99-63 postfix/lmtp[3594]: BABCC100191: to=ida6786ombo...@dev1.cpgtest.ostinet.net, relay=127.0.0.1[127.0.0.1]:10024, delay=40, delays=0.54/0.01/0/40, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=03264-02, delivery-notification FAILED: temporarily unable to send DSN to ashiish.sha...@gmail.com: 451 4.5.0 From MTA([10.194.99.63]:10030) during fwd-connect (Negative greeting: at (eval 57) line 596, GEN18 line 162.): id=03264-02 at /usr/sbin/amavisd line 11359, GEN18 line 162. (in reply to end of DATA command)) The Postfix SMTP server after the filter is giving problems. What is the result of: $ telnet 10.194.99.63 10030 Wietse
Re: Multiple access lists
Dirk H. Schulz: Does the same apply for header checks? Until now I had header_checks = regexp:/usr/pkg/etc/postfix-in/header_checks, regexp:/usr/pkg/etc/postfix-in/header_checks_virus Thanks for your help, The postconf(5) manpage uses plural: header_checks (default: empty) Optional lookup tables for content inspection of primary non-MIME mes- sage headers, as specified in the header_checks(5) manual page. This implies that header_checks = xxx:xxx, yyy:yyy, zzz:zzz is valid. In the same manpage, the syntax for check_xxx_access uses singular. Example: check_client_access type:table Search the specified access database for the client hostname, parent domains, client IP address, or networks obtained by stripping least significant octets. See the access(5) manual page for details. This implies that check_xxx_access uses only one table. For historical reasons, a lonely type:table without preceding check_xxx_access command will check a default attribute (for example, within smtpd_recipient_restrictions, the default attribute is the recipient address). Wietse
Re: amavis Delivery status notification(DSN) failing
Ashish, I have a postfix mail server over which I have deployed a custom content filter written in java. Now I introduced amavisd (containing clamav and spamassassin) as content filter such that the mail is passing in following manner: ===mail from outside === Postfix amavisd === custom content filter I referred the link(http://wiki.centos.org/HowTos/Amavisd) to setup amavisd(containing clamav and spamassassin) Here my setup is running ok when amavisd is bypassed and mail is directly being sent to custom content filter but I receive following error logs as soon as I start passing my mails via amavisd: Apr 7 11:36:54 ip-10-194-99-63 amavis[3264]: (03264-02) (!)rw_loop: leaving rw loop, no progress, last event (select) 34.987 s ago Apparently your custom content filter is not responding with a SMTP greeting when amavisd tries to send a delivery notification to it. At log level 5 you can see what traffic is being passed on to the back-end server/scanner specified by $notify_method . Or do a packet capture on a loopback interface if using inet socket. Make sure your backend filter can handle multiple transactions within a single SMTP session. Btw, do you really want to send bounces too to the java filter? These could be sent directly to Postfix ($notify_method), while filtered messages could go to your filter ($forward_method). Mark
Re: Mailgateway
On 2010-04-08 Thomas wrote: Ansgar Wiechers schrieb: Where /etc/postfix/mydomains lists all domains to be relayed You may want to use a more speaking name for your relay domains (like, /etc/postfix/relay_domains ;). I need a file with the same content on Server B, where it is referred to by $mydestination I did not want to use different names for files with the same content ... I suppose in that case I'd prefer to name the file domains_COMPANYNAME or something, to avoid confusion with domains that are local to the server. Perhaps a matter of personal opinion, though. and the relay_transport is the IP of Server B: In your config snippet from server A, the parameter $relay_transport doesn't contain the IP address of server B, but the FQDN of server A. Unless you mis-obfuscated the parameter value you need to correct that line. But why?!? It seems to work with the FQDN in square brackets: relay_transport = smtp:[mail.example.com] It should work if the FQDN is the FQDN of server B. It shouldn't work if the FQDN is the FQDN of server A (which was the case in your config snippet). I would like to let already Server A bounce those mails! # Server A mydestination = $myhostname, localhost.$mydomain, localhost relay_domains = /etc/postfix/relay_domains alias_maps = hash:/etc/aliases local_recipient_maps = $alias_maps relay_recipient_maps = hash:/etc/postfix/relay_recipients Der default, that seems to be quite similar already: postconf | egrep ^(alias_maps|local_recipient_maps) alias_maps = hash:/etc/aliases local_recipient_maps = proxy:unix:passwd.byname $alias_maps I can locally expand now, with your suggestion for $mydestination :) The default includes all local users of the machine, which probably is not what you want, considering the machine's purpose. The postconf man-page [1] isn't too clear about this, but I think you need to specify full addresses (us...@example.com OK). I have a script somewhere that will generate a list of valid recipients from various (file-based) recipient and domain lists. If I manage to unearth it after I get home tonight, I'll post it here. Thanx, but i already created a script - and my users dont change often - the file will stay stable for months or even years now :9 'kay. Thank you for your comments and additional help! You're welcome. Regards Ansgar Wiechers -- Abstractions save us time working, but they don't save us time learning. --Joel Spolsky
Re: Mailgateway
Ansgar Wiechers schrieb: It should work if the FQDN is the FQDN of server B. It shouldn't work if the FQDN is the FQDN of server A (which was the case in your config snippet). Ahh ... Was too fast to format that stuff, sorry for that! The default includes all local users of the machine, which probably is not what you want, considering the machine's purpose. Thats a good argument - i changed the config! Thanx again :)
Re: pipe character in MAIL FROM ?
Eddy Beliveau: Hi! Networkers, I'm using postfix 2.5.6 and it works perfectly on our academic server My postfix server seems to reject incoming email when Mail From contains | character 220 * EHLO smtp.sender.com 250-smtp.example.com 250-PIPELINING 250-SIZE 1536 250-ETRN 250-ENHANCEDSTATUSCODES 250 8BITMIME MAIL From:bounces+|306052-6-3997|@example.com SIZE=249898 BODY=8BITMIME one.of.my.u...@hec.ca... Deferred: Connection reset by smtp.example.com. Your Postfix server is behind a FIREWALL that drops the connection. Wietse
[OFF-TOPIC] - Erros SMTP
Boa tarde a todos. Existem situações em que a mensagem sai de um servidor SMTP com status de enviada, porém depois de algum tempo o servidor de destino envia uma mensagem de erro informando que a mensagem não foi entregue. Existe alguma padronização ou uma lista com os erros que podem ocorrer na situação descrita acima? Espero ter sido claro. Desde já agradeço, Erick Vitor de Barros.
Re: [OFF-TOPIC] - Erros SMTP
Sorry, Wrong mailing list :( 2010/4/8 Darvin Denmian darvin.denm...@gmail.com: Boa tarde a todos. Existem situações em que a mensagem sai de um servidor SMTP com status de enviada, porém depois de algum tempo o servidor de destino envia uma mensagem de erro informando que a mensagem não foi entregue. Existe alguma padronização ou uma lista com os erros que podem ocorrer na situação descrita acima? Espero ter sido claro. Desde já agradeço, Erick Vitor de Barros.
Re: Mailgateway
On 4/8/2010 12:34 PM, postfix-us...@tja-server.de wrote:
And finally, to showcase my config, the postconf -n outputs, modified
to remove real hostnames and IP-addresses.
A client server:
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
This should use $data_directory rather than $queue_directory.
$data_directory must be a directory owned by $mail_owner
(default postfix) and not used by any other programs. On
most systems this defaults to /var/lib/postfix.
http://www.postfix.org/postconf.5.html#data_directory
http://www.postfix.org/postconf.5.html#smtp_tls_session_cache_database
smtpd_client_restrictions = reject_unknown_reverse_client_hostname,
check_client_access hash:/etc/postfix/client_access
All smtpd_*_restrictions should start with permit_mynetworks,
permit_sasl_authenticated to prevent rejecting authorized
clients.
smtpd_helo_restrictions = reject_invalid_helo_hostname
Same comment as above.
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination,
check_recipient_access hash:/etc/postfix/recipient_access
OK.
smtpd_sender_restrictions = check_sender_access
hash:/etc/postfix/sender_access
same comment as smtpd_client_restrictions.
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
same comment as smtp_tls_session_cache_database
smtpd_use_tls = yes
This parameter is obsolete. Rather use
smtpd_tls_security_level = may
http://www.postfix.org/postconf.5.html#smtpd_tls_security_level
And the IMAP server (Server B):
Same comments as above.
-- Noel Jones
Re: redirect local(8) delivery to $lo...@$mydomain ?
On 09/04/2010, at 12:08 AM, Victor Duchovni wrote: Seems to me that $myorigin = $mydomain achieves the result more cleanly. Mail for root can be handled via virtual(5) and generic(5). That’s a fair point, but this is a much simpler and cleaner (configuration management-wise) solution. I think $myorigin = $mydomain still doesn’t handle the case where you send mail to $lo...@$myhostname without the use of masquerading? in /etc/postfix/virtual have an entry similar to this /(.*)@/ $...@somedomain.com Hopefully that?s the right way to do the second one. This looks fragile. Yeah, I went back to using masquerade_classes as it was a significantly tidier approach. If I did ever have need to go down the virtual approach, I’d probably have write some decent regexp to cover my behind. cheers, James
Re: email to yahoo stuck in queue
jan gestre a écrit : Hi, I've noticed lately that I have a lot mail stuck on queue, most are intended for yahoo users where most of the emails being sent to yahoo contains attachments mostly image files, flushing the queue doesn't do anything, and most of all yahoo doesn't do anything to my complaints. Any idea how to go about this? [snip] unfortunately we can't help you. yahoo throttle your mail. if this is a problem, it means you send too much mail to yahoo. In this case, you need to get whitelisted by Yahoo. and for that, you need to contact Yahoo. there are things you could do to improve delivery. but these depend on your IP, your geographic location, your domain, your helo, ... etc. we cannot help a random gmail user improve delivery from example.com.
Re: Mailgateway
Noel Jones schrieb: This should use $data_directory rather than $queue_directory. $data_directory must be a directory owned by $mail_owner (default postfix) and not used by any other programs. On most systems this defaults to /var/lib/postfix. On my systems (Debian 4 and 5), data_directory is not set! And nothing points to /var/lib/postfix, which not even exists :-O postconf | grep directory | grep \/ | grep -v execution_directory_expansion_filter | grep -v '\$' command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/lib/postfix mail_spool_directory = /var/mail manpage_directory = /usr/share/man queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix sample_directory = /usr/share/doc/postfix/examples postconf mail_version mail_version = 2.3.8 All smtpd_*_restrictions should start with permit_mynetworks, permit_sasl_authenticated to prevent rejecting authorized clients. smtpd_helo_restrictions = reject_invalid_helo_hostname Same comment as above. OK. I added that! Also to smtpd_sender_restrictions, as you mentioned above. smtpd_use_tls = yes This parameter is obsolete. Rather use smtpd_tls_security_level = may OK. I added that too and removed smtpd_tls_auth_only as this will be set anyway. Thank you very much! I begin to like my configurations now :)
errors from postfix
I use fetchmail to get my email from yahoo gmail et al. Lately I've been getting these two messages when fetchmail runs. What is postfix doing and what is it trying to tell me? Is this something I should fix on my end? Is postfix trying to resend some spam I received from yahoo? Or is it just having trouble delivering spam to my inbox? I'm running a simple home setup for myself using Fedora 12. Transcript of session follows. Out: 220 mymachine.mydomain.net ESMTP Postfix In: HELO mymachine Out: 250 mymachine.mydomain.net In: MAIL FROM: Out: 250 2.1.0 Ok In: RCPT TO:???B?\ olpcxcqkkqc...@aol.com Out: 501 5.1.3 Bad recipient address syntax In: QUIT Out: 221 2.0.0 Bye For other details, see the local mail logfile Date: Thu, 8 Apr 2010 13:02:01 -0700 (PDT) From: Mail Delivery System mailer-dae...@mymachine.mydomain.net To: Postmaster postmas...@mydomain.net Subject: Postfix SMTP server: errors from localhost[::1] Transcript of session follows. Out: 220 mymachine.mydomain.net ESMTP Postfix In: EHLO pop-ssl.plus.mail.a06.yahoodns.net Out: 250-mymachine.mydomain.net Out: 250-PIPELINING Out: 250-SIZE Out: 250-VRFY Out: 250-ETRN Out: 250-STARTTLS Out: 250-ENHANCEDSTATUSCODES Out: 250-8BITMIME Out: 250 DSN In: MAIL FROM:???B?\ olpcxcqkkqc...@aol.com BODY=8BITMIME SIZE=2131 Out: 501 5.1.7 Bad sender address syntax In: RSET Out: 250 2.0.0 Ok In: QUIT Out: 221 2.0.0 Bye For other details, see the local mail logfile This is from /var/log/maillog: Apr 8 13:02:00 mymachine postfix/smtpd[13072]: connect from localhost[::1] Apr 8 13:02:00 mymachine postfix/smtpd[13000]: connect from localhost[::1] Apr 8 13:02:01 mymachine postfix/cleanup[13003]: 00144E02007: message-id=20100408200201.00144e02...@mymachine.mydomain.net Apr 8 13:02:01 mymachine postfix/smtpd[13000]: disconnect from localhost[::1] Apr 8 13:02:01 mymachine postfix/qmgr[21590]: 00144E02007: from=double-bou...@mymachine.mydomain.net, size=759, nrcpt=1 (queue active) Apr 8 13:02:01 mymachine lmtpunix[12930]: accepted connection Apr 8 13:02:01 mymachine lmtpunix[12930]: lmtp connection preauth'd as postman Apr 8 13:02:01 mymachine lmtpunix[12930]: duplicate_check: 20100408200201.00144e02...@mymachine.mydomain.net user.john0 Apr 8 13:02:01 mymachine postfix/cleanup[13003]: 20E23E02009: message-id=20100408200201.20e23e02...@mymachine.mydomain.net Apr 8 13:02:01 mymachine lmtpunix[12930]: duplicate_check: 20100408200201.00144e02...@mymachine.mydomain.net user.john0 Apr 8 13:02:01 mymachine postfix/qmgr[21590]: 20E23E02009: from=double-bou...@mymachine.mydomain.net, size=957, nrcpt=1 (queue active) Apr 8 13:02:01 mymachine postfix/smtpd[13072]: disconnect from localhost[::1] Apr 8 13:02:01 mymachine lmtpunix[13071]: accepted connection Apr 8 13:02:01 mymachine lmtpunix[13071]: lmtp connection preauth'd as postman Apr 8 13:02:01 mymachine lmtpunix[12930]: Delivered: 20100408200201.00144e02...@mymachine.mydomain.net to mailbox: user.john Apr 8 13:02:01 mymachine lmtpunix[12930]: mystore: starting txn 2147490480 Apr 8 13:02:01 mymachine lmtpunix[12930]: mystore: committing txn 2147490480 Apr 8 13:02:01 mymachine lmtpunix[12930]: duplicate_mark: 20100408200201.00144e02...@mymachine.mydomain.net user.john 1270756921 320038 Apr 8 13:02:01 mymachine lmtpunix[12930]: mystore: starting txn 2147490481 Apr 8 13:02:01 mymachine lmtpunix[12930]: mystore: committing txn 2147490481 Apr 8 13:02:01 mymachine lmtpunix[12930]: duplicate_mark: 20100408200201.00144e02...@mymachine.mydomain.net .jo...@.sieve. 1270756921 0 Apr 8 13:02:01 mymachine lmtpunix[13071]: duplicate_check: 20100408200201.20e23e02...@mymachine.mydomain.net user.john0 Apr 8 13:02:01 mymachine postfix/lmtp[13008]: 00144E02007: to=j...@mydomain.net, orig_to=postmaster, relay=mymachine.mydomain.net[/var/lib/imap/socket/lmtp], delay=0.42, delays=0.06/0/0/0.35, dsn=2.1.5, status=sent (250 2.1.5 Ok) Apr 8 13:02:01 mymachine postfix/qmgr[21590]: 00144E02007: removed
Re: Mailgateway
On 4/8/2010 5:00 PM, postfix-us...@tja-server.de wrote: Noel Jones schrieb: This should use $data_directory rather than $queue_directory. $data_directory must be a directory owned by $mail_owner (default postfix) and not used by any other programs. On most systems this defaults to /var/lib/postfix. On my systems (Debian 4 and 5), data_directory is not set! And nothing points to /var/lib/postfix, which not even exists :-O postconf | grep directory | grep \/ | grep -v execution_directory_expansion_filter | grep -v '\$' command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/lib/postfix mail_spool_directory = /var/mail manpage_directory = /usr/share/man queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix sample_directory = /usr/share/doc/postfix/examples postconf mail_version mail_version = 2.3.8 Ah, antique postfix version. That parameter was added a couple years ago in postfix 2.5 http://www.postfix.org/postconf.5.html#data_directory Even though your version doesn't have data_directory built-in, you can add it to your main.cf: data_directory = /var/lib/postfix then type: # mkdir /var/lib/postfix # chown postfix /var/lib/postfix -- Noel Jones
Re: errors from postfix
On Thu, Apr 08, 2010 at 03:10:58PM -0700, John Schmitt wrote: I use fetchmail to get my email from yahoo gmail et al. Lately I've been getting these two messages when fetchmail runs. What is postfix doing and what is it trying to tell me? Is this something I should fix on my end? Is postfix trying to resend some spam I received from yahoo? Or is it just having trouble delivering spam to my inbox? I'm running a simple home setup for myself using Fedora 12. Transcript of session follows. Out: 220 mymachine.mydomain.net ESMTP Postfix In: HELO mymachine Out: 250 mymachine.mydomain.net In: MAIL FROM: Out: 250 2.1.0 Ok In: RCPT TO:???B?\ olpcxcqkkqc...@aol.com This is forward-path syntax from RFCs 821, 2821 or 5321. You can't just copy/paste the To: header from an RFC822 mail message into the RCPT TO: SMTP command. http://tools.ietf.org/html/rfc821 http://tools.ietf.org/html/rfc2821 http://tools.ietf.org/html/rfc5321 You should also keep in mind that is very wrong to determine who to send email to based on To: or Cc: headers, you must determine the intended recipient from an attribute that record the original envelope recipient. Otherwise, you'll create nasty forwarding loops and misdeliver email. -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
Re: errors from postfix
John Schmitt: I use fetchmail to get my email from yahoo gmail et al. Lately I've been getting these two messages when fetchmail runs. What is postfix doing and what is it trying to tell me? Is this something I should fix on my end? Is postfix trying to resend some spam I received from yahoo? Or is it just having trouble delivering spam to my inbox? I'm running a simple home setup for myself using Fedora 12. Transcript of session follows. Out: 220 mymachine.mydomain.net ESMTP Postfix In: HELO mymachine Out: 250 mymachine.mydomain.net In: MAIL FROM: Out: 250 2.1.0 Ok In: RCPT TO:???B?\ olpcxcqkkqc...@aol.com Out: 501 5.1.3 Bad recipient address syntax Postfix is telling you that the RCPT TO command has an invalid recipient address syntax. In particular, it appears that you take the To: header such as: To: Full name u...@example.com and then use that same syntax in the RCPT TO command as: RCPT TO:Full name u...@example.com This is not possible in SMTP. Apart from that it is a terrible mistake to use the To: header address for deciding where to deliver mail. For example, this message is To: postfix-users but it should be delivered to your own mailbox. If it isn't, you are likely to get unsubscribed soon. Wietse In: QUIT Out: 221 2.0.0 Bye For other details, see the local mail logfile Date: Thu, 8 Apr 2010 13:02:01 -0700 (PDT) From: Mail Delivery System mailer-dae...@mymachine.mydomain.net To: Postmaster postmas...@mydomain.net Subject: Postfix SMTP server: errors from localhost[::1] Transcript of session follows. Out: 220 mymachine.mydomain.net ESMTP Postfix In: EHLO pop-ssl.plus.mail.a06.yahoodns.net Out: 250-mymachine.mydomain.net Out: 250-PIPELINING Out: 250-SIZE Out: 250-VRFY Out: 250-ETRN Out: 250-STARTTLS Out: 250-ENHANCEDSTATUSCODES Out: 250-8BITMIME Out: 250 DSN In: MAIL FROM:???B?\ olpcxcqkkqc...@aol.com BODY=8BITMIME SIZE=2131 Out: 501 5.1.7 Bad sender address syntax In: RSET Out: 250 2.0.0 Ok In: QUIT Out: 221 2.0.0 Bye For other details, see the local mail logfile This is from /var/log/maillog: Apr 8 13:02:00 mymachine postfix/smtpd[13072]: connect from localhost[::1] Apr 8 13:02:00 mymachine postfix/smtpd[13000]: connect from localhost[::1] Apr 8 13:02:01 mymachine postfix/cleanup[13003]: 00144E02007: message-id=20100408200201.00144e02...@mymachine.mydomain.net Apr 8 13:02:01 mymachine postfix/smtpd[13000]: disconnect from localhost[::1] Apr 8 13:02:01 mymachine postfix/qmgr[21590]: 00144E02007: from=double-bou...@mymachine.mydomain.net, size=759, nrcpt=1 (queue active) Apr 8 13:02:01 mymachine lmtpunix[12930]: accepted connection Apr 8 13:02:01 mymachine lmtpunix[12930]: lmtp connection preauth'd as postman Apr 8 13:02:01 mymachine lmtpunix[12930]: duplicate_check: 20100408200201.00144e02...@mymachine.mydomain.net user.john0 Apr 8 13:02:01 mymachine postfix/cleanup[13003]: 20E23E02009: message-id=20100408200201.20e23e02...@mymachine.mydomain.net Apr 8 13:02:01 mymachine lmtpunix[12930]: duplicate_check: 20100408200201.00144e02...@mymachine.mydomain.net user.john0 Apr 8 13:02:01 mymachine postfix/qmgr[21590]: 20E23E02009: from=double-bou...@mymachine.mydomain.net, size=957, nrcpt=1 (queue active) Apr 8 13:02:01 mymachine postfix/smtpd[13072]: disconnect from localhost[::1] Apr 8 13:02:01 mymachine lmtpunix[13071]: accepted connection Apr 8 13:02:01 mymachine lmtpunix[13071]: lmtp connection preauth'd as postman Apr 8 13:02:01 mymachine lmtpunix[12930]: Delivered: 20100408200201.00144e02...@mymachine.mydomain.net to mailbox: user.john Apr 8 13:02:01 mymachine lmtpunix[12930]: mystore: starting txn 2147490480 Apr 8 13:02:01 mymachine lmtpunix[12930]: mystore: committing txn 2147490480 Apr 8 13:02:01 mymachine lmtpunix[12930]: duplicate_mark: 20100408200201.00144e02...@mymachine.mydomain.net user.john 1270756921 320038 Apr 8 13:02:01 mymachine lmtpunix[12930]: mystore: starting txn 2147490481 Apr 8 13:02:01 mymachine lmtpunix[12930]: mystore: committing txn 2147490481 Apr 8 13:02:01 mymachine lmtpunix[12930]: duplicate_mark: 20100408200201.00144e02...@mymachine.mydomain.net .jo...@.sieve. 1270756921 0 Apr 8 13:02:01 mymachine lmtpunix[13071]: duplicate_check: 20100408200201.20e23e02...@mymachine.mydomain.net user.john0 Apr 8 13:02:01 mymachine postfix/lmtp[13008]: 00144E02007: to=j...@mydomain.net, orig_to=postmaster, relay=mymachine.mydomain.net[/var/lib/imap/socket/lmtp], delay=0.42, delays=0.06/0/0/0.35, dsn=2.1.5, status=sent (250 2.1.5 Ok) Apr 8 13:02:01 mymachine postfix/qmgr[21590]: 00144E02007: removed
Re: Mailgateway
Noel Jones schrieb: data_directory = /var/lib/postfix then type: # mkdir /var/lib/postfix # chown postfix /var/lib/postfix Changed that too ... Although i dont realy understand, why /var/lib/postfix should be better than /var/spool/postfix What shall i do with the old stuff in var/spool/postfix now? :-O
Re: email to yahoo stuck in queue
On Thu, Apr 8, 2010 at 11:45 PM, Daniel V. Reinhardt crypto...@yahoo.com wrote: - Original Message From: jan gestre ipcopper...@gmail.com To: postfix users list postfix-users@postfix.org Sent: Thu, April 8, 2010 3:32:23 PM Subject: email to yahoo stuck in queue Hi, I've noticed lately that I have a lot mail stuck on queue, most are intended for yahoo users where most of the emails being sent to yahoo contains attachments mostly image files, flushing the queue doesn't do anything, and most of all yahoo doesn't do anything to my complaints. Any idea how to go about this? Here's my postfix configuration: [r...@mail ~]# postconf -n alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 header_checks = regexp:/etc/postfix/header_checks html_directory = /usr/share/doc/postfix-2.5.5-documentation/html inet_interfaces = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man maps_rbl_domains = bl.spamcop.net message_size_limit = 4096 mydestination = localhost mydomain = example.com myhostname = mail.example.com mynetworks = 192.168.8.0/24, 127.0.0.0/8 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.5.5-documentation/readme recipient_delimiter = + relay_domains = $mydestination relayhost = sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_helo_required = yes smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination permit_tls_all_clientcerts reject_non_fqdn_hostname reject_non_fqdn_sender reject_non_fqdn_recipient reject_unauth_destination reject_unauth_pipelining reject_invalid_hostname reject_rbl_client zen.spamhaus.org reject_rhsbl_sender dsn.rfc-ignorant.org reject_rbl_client bl.spamcop.net permit smtpd_sasl_auth_enable = yes smtpd_sasl_exceptions_networks = $mynetworks smtpd_sasl_path = /var/run/dovecot/auth-client smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/postfix/ssl/mail-cert.pem smtpd_tls_key_file = /etc/postfix/ssl/mail-key.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf virtual_gid_maps = static:12 virtual_mailbox_base = /home/virtualmail virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf virtual_minimum_uid = 150 virtual_transport = dovecot virtual_uid_maps = static:150 Jan, Can you show us some of the queued mail messages with obvious edits to hide the destinations user name? Also provide any logging information. Daniel Reinhardt Website: www.cryptodan.com Email: crypto...@yahoo.com Hi Daniel, Here is the log of one of the messages that is stuck on queue for sometime already: E2C48CA82EB 2028959 Thu Apr 8 12:19:23 us...@example.com (lost connection with b.mx.mail.yahoo.com[74.6.136.65] while sending end of data -- message may be sent more than once) us...@yahoo.com us...@yahoo.com Regards, Jan
Configuration Backup Script
I’m running Suse 10.3 Server and looking for a script like this that will backup all the system config files and any others that I would want, this is a db and mailbox users backup for my mail server ….. But I plan migrating to a new server, using the same distro that’s why I’m preparing it for restore again in case of emergency Any comments are welcome Bye …… echo echo BACKUP file Systems echo echo echo Security copy echo -- echo DIR_BACKUP=/media/backups DATE=`date +%Y-%m-%d-%H.00` DATE_OUT=`(date -r $(( $(date +script-security-backup) - (3 * 86400))) +%Y-%m-%d-%H.00)` # -- DB - #Security copy echo -= Data Base =- if [ -d /media/backups/db/db_$DATE ]; then echo Already exist /media/backups/db/db_$DATE else ##Backup mysql echo Security backup /media/backups/db/db_$DATE mkdir /media/backups/db/db_$DATE chmod 700 /media/backups/db/db_$DATE cp -Rp /var/lib/mysql/* /media/backups/db/db_$DATE chmod 700 /media/backups/db/db_$DATE/* rm /media/backups/db/db_$DATE/ib* cd /media/backups/db tar cvzf db_$DATE.tar.gz ./db_$DATE rm -rf ./db_$DATE ##Backup IMAP echo Security backup /media/backups/db/db-imap_$DATE mkdir /media/backups/db/db-imap_$DATE chmod 700 /media/backups/db/db-imap_$DATE cp -Rp /var/lib/imap/* /media/backups/db/db-imap_$DATE chmod 700 /media/backups/db/db-imap_$DATE/* tar cvzf db-imap_$DATE.tar.gz ./db-imap_$DATE rm -rf ./db-imap_$DATE ##Backup mailbox echo Security backup /media/backups/users/users_$DATE mkdir /media/backups/users/users_$DATE chmod 700 /media/backups/users/users_$DATE cp -Rp /var/spool/imap/user/* /media/backups/users/users_$DATE chmod 700 /media/backups/users/users_$DATE/* cd /media/backups/users tar cvzf users_$DATE.tar.gz ./users_$DATE rm -rf ./users_$DATE fi #Delete old copy if [ -d /media/backups/db/db_$DATE_OUT ]; then rm -rf /media/backups/db/db_$DATE_OUT echo old copy deleted /media/backups/db/db_$DATE_OUT fi echo echo echo .: Finish :. echo
Re: Configuration Backup Script
On Apr 8, 2010, at 9:57 PM, osmcr...@gmail.com wrote: I’m running Suse 10.3 Server and looking for a script like this that will backup all the system config files and any others that I would want, this is a db and mailbox users backup for my mail server ….. But I plan migrating to a new server, using the same distro that’s why I’m preparing it for restore again in case of emergency Any comments are welcome Bye …… echo yay greetings check out mailbfr for mail related configurations. http://osx.topicdesk.com/content/view/41/57/ -j
Re: email to yahoo stuck in queue
Hi all I use to have the same problems with yahoo aol servers, I dont know why the time of response of this servers are so slow ? i have to wait even 5 days to mails are delivered ... On Thu, Apr 8, 2010 at 7:43 PM, jan gestre ipcopper...@gmail.com wrote: On Thu, Apr 8, 2010 at 11:45 PM, Daniel V. Reinhardt crypto...@yahoo.com wrote: - Original Message From: jan gestre ipcopper...@gmail.com To: postfix users list postfix-users@postfix.org Sent: Thu, April 8, 2010 3:32:23 PM Subject: email to yahoo stuck in queue Hi, I've noticed lately that I have a lot mail stuck on queue, most are intended for yahoo users where most of the emails being sent to yahoo contains attachments mostly image files, flushing the queue doesn't do anything, and most of all yahoo doesn't do anything to my complaints. Any idea how to go about this? Here's my postfix configuration: [r...@mail ~]# postconf -n alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 header_checks = regexp:/etc/postfix/header_checks html_directory = /usr/share/doc/postfix-2.5.5-documentation/html inet_interfaces = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man maps_rbl_domains = bl.spamcop.net message_size_limit = 4096 mydestination = localhost mydomain = example.com myhostname = mail.example.com mynetworks = 192.168.8.0/24, 127.0.0.0/8 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.5.5-documentation/readme recipient_delimiter = + relay_domains = $mydestination relayhost = sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_helo_required = yes smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination permit_tls_all_clientcerts reject_non_fqdn_hostname reject_non_fqdn_sender reject_non_fqdn_recipient reject_unauth_destination reject_unauth_pipelining reject_invalid_hostname reject_rbl_client zen.spamhaus.org reject_rhsbl_sender dsn.rfc-ignorant.org reject_rbl_client bl.spamcop.net permit smtpd_sasl_auth_enable = yes smtpd_sasl_exceptions_networks = $mynetworks smtpd_sasl_path = /var/run/dovecot/auth-client smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/postfix/ssl/mail-cert.pem smtpd_tls_key_file = /etc/postfix/ssl/mail-key.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf virtual_gid_maps = static:12 virtual_mailbox_base = /home/virtualmail virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf virtual_minimum_uid = 150 virtual_transport = dovecot virtual_uid_maps = static:150 Jan, Can you show us some of the queued mail messages with obvious edits to hide the destinations user name? Also provide any logging information. Daniel Reinhardt Website: www.cryptodan.com Email: crypto...@yahoo.com Hi Daniel, Here is the log of one of the messages that is stuck on queue for sometime already: E2C48CA82EB 2028959 Thu Apr 8 12:19:23 us...@example.com (lost connection with b.mx.mail.yahoo.com[74.6.136.65] while sending end of data -- message may be sent more than once) us...@yahoo.com us...@yahoo.com Regards, Jan
