Timing information for postmaster mails generated by notify_classes
Right now the postmaster mails generated by notify_classes do not contain any timing information (except for the date of the notification mail sent). If theses mails had timing information (see example below), timeout problems could be diagnosed much easier: Mar 28 08:30:00 Out: 220 octree.de ESMTP Postfix Mar 28 08:30:00 In: EHLO mailout07.t-online.de Mar 28 08:30:00 Out: 250-octree.de Mar 28 08:30:00 Out: 250-PIPELINING Mar 28 08:30:00 Out: 250-SIZE 10240 Mar 28 08:30:00 Out: 250-VRFY Mar 28 08:30:00 Out: 250-ETRN Mar 28 08:30:00 Out: 250-AUTH PLAIN Mar 28 08:30:00 Out: 250-AUTH=PLAIN Mar 28 08:30:00 Out: 250-ENHANCEDSTATUSCODES Mar 28 08:30:00 Out: 250-8BITMIME Mar 28 08:30:00 Out: 250 DSN Mar 28 08:30:00 In: MAIL FROM:info at sender.example.com SIZE=112002 Mar 28 08:30:00 Out: 250 2.1.0 Ok Mar 28 08:30:00 In: RCPT TO:architekten at recipient.example.com Mar 28 08:30:00 Out: 250 2.1.5 Ok Mar 28 08:30:00 In: DATA Mar 28 08:30:00 Out: 354 End data with CRLF.CRLF Mar 28 08:35:00 Out: 451 4.3.0 Error: queue file write error -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: Timing information for postmaster mails generated by notify_classes
Ralf Hildebrandt: [ Charset UTF-8 unsupported, converting... ] Right now the postmaster mails generated by notify_classes do not contain any timing information (except for the date of the notification mail sent). If theses mails had timing information (see example below), timeout problems could be diagnosed much easier: Mar 28 08:30:00 Out: 220 octree.de ESMTP Postfix Mar 28 08:30:00 In: EHLO mailout07.t-online.de Mar 28 08:30:00 Out: 250-octree.de Mar 28 08:30:00 Out: 250-PIPELINING Mar 28 08:30:00 Out: 250-SIZE 10240 Mar 28 08:30:00 Out: 250-VRFY Mar 28 08:30:00 Out: 250-ETRN Mar 28 08:30:00 Out: 250-AUTH PLAIN Mar 28 08:30:00 Out: 250-AUTH=PLAIN Mar 28 08:30:00 Out: 250-ENHANCEDSTATUSCODES Mar 28 08:30:00 Out: 250-8BITMIME Mar 28 08:30:00 Out: 250 DSN Mar 28 08:30:00 In: MAIL FROM:info at sender.example.com SIZE=112002 Mar 28 08:30:00 Out: 250 2.1.0 Ok Mar 28 08:30:00 In: RCPT TO:architekten at recipient.example.com Mar 28 08:30:00 Out: 250 2.1.5 Ok This is logged with the client and queue ID: MMM dd hh:mm:ss myname postfix/smtpd[xxx]: QUEUEID: client=yyy Mar 28 08:30:00 In: DATA Mar 28 08:30:00 Out: 354 End data with CRLF.CRLF Mar 28 08:35:00 Out: 451 4.3.0 Error: queue file write error This is logged (with the real problem description) in the maillog file, where you will have to look anyway to find out what is amiss. Wietse -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
minor typo in Postfix's change log
Hi, while looking in the change log for some info about an issue I'm having[1] I found a simple typo in the date specified as shown here: 20200102 Workaround: don't report bogus Berkeley DB close errors as fatal errors. All operations before close are already error checked, so the data is known to be safe. File: util/dict_db.c. Didn't know to how to report this in another way (without 'spamming' the ML). Regards. [1] postfix/verify[3209]: close database /var/lib/postfix/verify_cache.db: No such file or directory
Re: postfix for dummies (me) probably a general error in config of smtp
On 2011-03-25 5:27 PM, Walt Shekrota wrote: smtpd_sasl_type = dovecot dovecot's sasl implementation doesn't support CLIENT side SASL auth, only server side. If you need client side SASL AUTH capability, use Cyrus-SASL... -- Best regards, Charles
Re: postfix for dummies (me) probably a general error in config of smtp
Am 28.03.2011 18:01, schrieb Charles Marcus: On 2011-03-25 5:27 PM, Walt Shekrota wrote: smtpd_sasl_type = dovecot dovecot's sasl implementation doesn't support CLIENT side SASL auth, only server side. If you need client side SASL AUTH capability, use Cyrus-SASL... to specify exactly: smtpd_sasl_type: smtpd = receive mails, smtp = send mails it is enough to install the following packages as example for fedora and configure for which hosts which username/password has to be used and postfix will do this, you do not need smptd_sasl for this cyrus-sasl-plain-2.1.23-11.fc13.x86_64 cyrus-sasl-2.1.23-11.fc13.x86_64 cyrus-sasl-md5-2.1.23-11.fc13.x86_64 cyrus-sasl-ntlm-2.1.23-11.fc13.x86_64 cyrus-sasl-lib-2.1.23-11.fc13.x86_64 Below a configuration of an internal-relay-hosts which DOES NOT accept SASL-Authentications (only connections from few ip's) and manage over what hosts some messages has to be relayed and what auth the realyhost need to send messages authenticated for domains with SPF for which we provide services too and will not connect directly to the rcpt smtp_sasl_auth_enable= yes smtp_sasl_password_maps = hash:/etc/postfix/smtp_relayhost_auth smtp_sasl_security_options = noanonymous smtp_sender_dependent_authentication = yes sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relayhost [root@thx1138:~]$ cat /etc/postfix/smtp_relayhost_auth # After changes: postmap /etc/postfix/smtp_relayhost_auth mai...@domain.tld username:password [root@thx1138:~]$ cat /etc/postfix/sender_relayhost # After changes: postmap /etc/postfix/sender_relayhost mai...@domain.tld [relayhost.domain.tld] signature.asc Description: OpenPGP digital signature
Re: postfix for dummies (me) probably a general error in config of smtp
On Mon, Mar 28, 2011 at 12:01:18PM -0400, Charles Marcus wrote: On 2011-03-25 5:27 PM, Walt Shekrota wrote: smtpd_sasl_type = dovecot dovecot's sasl implementation doesn't support CLIENT side SASL auth, only server side. If you need client side SASL AUTH capability, use Cyrus-SASL... The NetBSD (current) Postfix now has an alternative (not Cyrus) client-side SASL implementation: saslc. $ uname -sr NetBSD 5.99.48 $ /usr/sbin/postconf -a dovecot $ /usr/sbin/postconf -A saslc $ ldd /usr/libexec/postfix/smtp /usr/libexec/postfix/smtp: -lssl.8 = /usr/lib/libssl.so.8 -lcrypto.6 = /usr/lib/libcrypto.so.6 -lcrypt.1 = /lib/libcrypt.so.1 -lc.12 = /usr/lib/libc.so.12 -lsaslc.0 = /usr/lib/libsaslc.so.0 -lgssapi.9 = /usr/lib/libgssapi.so.9 -lkrb5.24 = /usr/lib/libkrb5.so.24 -lhx509.4 = /usr/lib/libhx509.so.4 -lasn1.8 = /usr/lib/libasn1.so.8 -lcom_err.6 = /usr/lib/libcom_err.so.6 -lroken.14 = /usr/lib/libroken.so.14 -lutil.7 = /usr/lib/libutil.so.7 -lheimntlm.3 = /usr/lib/libheimntlm.so.3 -lldap.4 = /usr/lib/libldap.so.4 -llber.3 = /usr/lib/liblber.so.3 -- Viktor.
Re: postfix for dummies (me) probably a general error in config of smtp
On 2011-03-28 12:12 PM, Reindl Harald wrote: Am 28.03.2011 18:01, schrieb Charles Marcus: On 2011-03-25 5:27 PM, Walt Shekrota wrote: smtpd_sasl_type = dovecot dovecot's sasl implementation doesn't support CLIENT side SASL auth, only server side. If you need client side SASL AUTH capability, use Cyrus-SASL... to specify exactly: smtpd_sasl_type: smtpd = receive mails, smtp = send mails Interesting - I never even noticed you can specify a different type for each, so I thought the one setting was for both... guess I should have checked postconf -d output before posting... But at least now I do know - thanks for pointing that out... -- Best regards, Charles
Re: postfix for dummies (me) probably a general error in config of smtp
Am 28.03.2011 18:30, schrieb Charles Marcus: to specify exactly: smtpd_sasl_type: smtpd = receive mails, smtp = send mails Interesting - I never even noticed you can specify a different type for each, so I thought the one setting was for both... guess I should have checked postconf -d output before posting... But at least now I do know - thanks for pointing that out... no problem :-) even after running a well designed mailsystem since 2009 where i thought this is perfect and can all do we ever want and need i have learned so many things the last few months, email is really a big terrain -- Mit besten Grüßen, Reindl Harald the lounge interactive design GmbH A-1060 Vienna, Hofmühlgasse 17 CTO / software-development / cms-solutions p: +43 (1) 595 3999 33, m: +43 (676) 40 221 40 icq: 154546673, http://www.thelounge.net/ signature.asc Description: OpenPGP digital signature
RE: Making my own pipe..
From: owner-postfix-us...@postfix.org [mailto:owner-postfix- us...@postfix.org] On Behalf Of Jeroen Geilman Sent: Saturday, March 26, 2011 2:34 PM To: postfix-users@postfix.org Subject: Re: Making my own pipe.. On 03/25/2011 12:02 AM, Simon Brereton wrote: Hi I'm still trying to get Postfix to use deliverquota to deliver the mails to my Maildirs. The only thing I could find on the net was a comment from Magnus http://www.irbs.net/internet/postfix/0412/1673.html that I had to make my own pipe. So this is my attempt: deliverquota unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/deliverquota $domain/$recipient One concern - vmail is not a user on my system (and since I copied this from the maildrop pipe, I'm now wondering how mail is delivered at all. Not via maildrop, since the user does not exist. The first message postfix tries to deliver to the maildrop transport will crash it with a fatal error. For basic information on how (local) mail is delivered, read http://www.postfix.org/OVERVIEW.html#delivering I agree with your diagnosis :) I'm just now confused as to what *is* delivering mail. I'll try to figure that out. My first question is, is $domain/$recipient the way to deliver a Maildir structure that is always domain.tld/user where user is the portion before the @ - this is the way I've understood man pipe, but I'd like to be sure. Do I need it to be unpriv or not? The choice of mailstore is unrelated to any other postfix configuration options; it's just a choice. If you want mail to be stored in /var/mail/domain.tld/username then the above will accomplish that. I'm unsure what you mean by unpriv - postfix does not execute setuid root programs, so in that sense, everything is unprivileged. Thanks for the validation. As for the unpriv - I was just going off the table headers in master.cf My second question is what happens when deliverquota refuses to deliver the mail because the Maildir is over quota? Does postfix try to deliver a DNS? That depends on the status deliverquota returns to postfix. If it's a temporary error, the message will be deferred and retried later. If it's a permanent error, the message will be rejected and postfix will generate a DSN back to the originator. Okay - either will be great so long as the permanent error is something about over quota. Or can be customised as such. Thanks for the pointers.
Re: minor typo in Postfix's change log
On 03/28/2011 02:59 PM, Lima Union wrote: [1] postfix/verify[3209]: close database /var/lib/postfix/verify_cache.db: No such file or directory Are you USING sender or recipient verification ? If so, does the verify daemon run chrooted ? -- J.
Postfix problem across the LAN
Back in 2006 this list helped me set up Postfix on my server box in such a way that it separated local (LAN) mail from external mail, and it has worked well ever since. On my local boxes and laptops I set up transport in a very similar way, sending external mail to my ISP's smtp server, and sending LAN mail to my mail server box, where it was delivered to users' Inboxes. Now I want to extend that. Specifically I want to be able to run Logwatch on this laptop, for instance, and have the report go to the server box, and here I came unstuck. I have tried everything I can think of, but feel that I'm now thrashing about. My last effort was to set Transport to send everything to 192.168.0.40. When I ran Logwatch, this is what happened: The original message was received at Mon, 28 Mar 2011 14:17:49 +0100 from tosh [127.0.0.1] - The following addresses had permanent fatal errors - a...@lydgate.org (reason: 550 Host unknown) (expanded from: root@localhost.localdomain) - Transcript of session follows - 550 5.1.2 a...@lydgate.org... Host unknown (Name server: 192.168.0.40: host not found) Can you please help me find and fix the problem? Thanks Anne -- New to KDE Software? - get help from http://userbase.kde.org signature.asc Description: This is a digitally signed message part.
Re: minor typo in Postfix's change log
Jeroen Geilman: On 03/28/2011 02:59 PM, Lima Union wrote: [1] postfix/verify[3209]: close database /var/lib/postfix/verify_cache.db: No such file or directory Are you USING sender or recipient verification ? The same bogus error may be reported with the tlsmgr(8) session cache and with the postscreen(8) whitelist cache. Apparently it happens in programs that use the first/next iterator; Postfix uses that for cache cleanup. Wietse
postfix can't open local recipient file .db extension
Hello, I'm running Postfix on FreeBSD 8.2. Postfix complaints about this line in my configuration local_recipient_database = hash:/usr/local/etc/postfix/userdb, hash:/usr/local/etc/postfix/uservirt The error: postfix/smtpd[1476]: fatal: open database /usr/local/etc/postfix/userdb.db: Invalid argument my Configuration: alias_database = hash:/usr/local/etc/postfix/aliases smtpd_sender_restrictions = reject_unknown_sender_domain, reject_non_fqdn_sender, permit_mynetworks smtpd_helo_required = yes disable_vrfy_command = yes smtpd_client_restrictions = hash:/usr/local/etc/postfix/access smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_hostname, reject_invalid_hostname smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, unknown_address_reject_code = 554 unknown_hostname_reject_code = 554 unknown_client_reject_code = 554 unverified_recipient_reject_code = 550 unverified_sender_reject_code = 550 unknown_local_recipient_reject_code = 550 strict_rfc821_envolopes = yes myorigin = domain.tls myhostname = machine1.domain.tls mydestination = domain1.tls, domain21.tls mynetworks = 127.0.0.0/8, biff = no smtpd_banner = machine1.domain.tls message_size_limit = 5000 anvil_rate_time_unit = 2s smtpd_error_sleep_time=0 local_recipient_maps = hash:/usr/local/etc/postfix/userdb, hash:/usr/local/etc/postfix/uservirt content_filter=smtp-amavis:[127.0.0.1]:10024 alternate_config_directories = /usr/local/etc/postfix-out Any suggestions are welc ome. Thanks, -motty
Postfix 2.8.2 for Solaris
Hello, I've updated the Postfix packages for Solaris 10 to 2.8.2. Features: - Native SysV Solaris package - Build with Sun Studio 12.1 - Linked against the native LDAP libraries - No dependencies against 3rd party packages - SMF support - Sparse zone safe - Jumpstart safe More details and upgrade instructions are available on: http://ihsan.dogan.ch/postfix/ For Sparc: http://ihsan.dogan.ch/postfix/downloads/CNDpostfix-2.8.2,REV=110328-SunOS5.10-sparc.pkg.bz2 For x86: http://ihsan.dogan.ch/postfix/downloads/CNDpostfix-2.8.2,REV=110328-SunOS5.10-i386.pkg.bz2 -- ih...@dogan.chhttp://blog.dogan.ch/
Re: Postfix problem across the LAN
On 03/28/2011 07:47 PM, Anne Wilson wrote: Back in 2006 this list helped me set up Postfix on my server box in such a way that it separated local (LAN) mail from external mail, and it has worked well ever since. On my local boxes and laptops I set up transport in a very similar way, sending external mail to my ISP's smtp server, and sending LAN mail to my mail server box, where it was delivered to users' Inboxes. Now I want to extend that. Specifically I want to be able to run Logwatch on this laptop, for instance, and have the report go to the server box, and here I came unstuck. I have tried everything I can think of, but feel that I'm now thrashing about. My last effort was to set Transport to send everything to 192.168.0.40. When I ran Logwatch, this is what happened: The original message was received at Mon, 28 Mar 2011 14:17:49 +0100 from tosh [127.0.0.1] - The following addresses had permanent fatal errors - a...@lydgate.org (reason: 550 Host unknown) (expanded from:root@localhost.localdomain) - Transcript of session follows - 550 5.1.2 a...@lydgate.org... Host unknown (Name server: 192.168.0.40: host not found) This will be caused by not wrapping a literal IP address inside []: relayhost = [192.168.0.40] Can you please help me find and fix the problem? I doubt this is your real - or only - problem. Include postconf -n and relevant logs for more constructive help. -- J.
Re: postfix can't open local recipient file .db extension
On 03/28/2011 09:01 PM, motty.cruz wrote: Hello, I'm running Postfix on FreeBSD 8.2. Postfix complaints about this line in my configuration local_recipient_database = hash:/usr/local/etc/postfix/userdb, hash:/usr/local/etc/postfix/uservirt ITYM local_recipient_MAPS. The error: postfix/smtpd[1476]: fatal: open database /usr/local/etc/postfix/userdb.db: Invalid argument Did you run postmap(8) on it ? local_recipient_maps = hash:/usr/local/etc/postfix/userdb, hash:/usr/local/etc/postfix/uservirt This one is correct; all you're missing is $ postmap /usr/local/etc/postfix/userdb (and also uservirt, if you forgot that) -- J.
Re: minor typo in Postfix's change log
On 3/28/2011 8:59 AM, Lima Union wrote: Hi, while looking in the change log for some info about an issue I'm having[1] I found a simple typo in the date specified as shown here: 20200102 Workaround: don't report bogus Berkeley DB close errors as fatal errors. All operations before close are already error checked, so the data is known to be safe. File: util/dict_db.c. Didn't know to how to report this in another way (without 'spamming' the ML). Regards. [1] postfix/verify[3209]: close database /var/lib/postfix/verify_cache.db: No such file or directory I don't think that is the problem, 20200102 as a date seems a off? -- All that is necessary for the triumph of evil is that good men do nothing. (Edmund Burke)
Re: postfix can't open local recipient file .db extension
On 03/28/2011 10:30 PM, motty.cruz wrote: Hello Jeroen, I appreciate your support very much. In my main.cf file I had local_recipient_database = hash:/usr/local/etc/postfix/userdb, hash:/usr/local/etc/postfix/uservirt That line above does not give me any errors but you're right it does not work, because I get the following in my logs: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 550 5.1.1 mo...@domain.tls: Recipient address rejected: User unknown in local recipient table; from=motty_t...@domain.tls to=mo...@domain.tlsproto=SMTP helo=domain.tls That would be because the above is not a valid postfix configuration setting, as I already explained. But if I change the line above to: local_recipient_maps = hash:/usr/local/etc/postfix/userdb, hash:/usr/local/etc/postfix/uservirt that when I get the error: fatal: open database /usr/local/etc/postfix/userdb.db: Invalid argument I do not think is permission problems, -rw-r--r-- 1 root wheel 1232896 Mar 28 11:13 userdb.db 1.2 MEGAbytes ? Really ? I am curious what exactly the postmap command was. -rw-r--r-- 1 root wheel16384 Mar 28 11:13 uservirt.db Thank you very much for your help, Please, reply to the LIST, and don't TOP-POST. 2 very simple rules to make everybody's life easier. -motty *From:* Jeroen Geilman [mailto:jer...@adaptr.nl] *Sent:* Monday, March 28, 2011 1:19 PM *To:* motty.cruz *Subject:* Re: postfix can't open local recipient file .db extension On 03/28/2011 10:03 PM, motty.cruz wrote: Thanks for your prompt reply. Yes I did run Postmap /usr/local/etc/postfix/userdb uservirt That is hardly a valid command. Again, you need to be sure which setting you actually changed - is it local_recipient_database or local_recipient_maps ? Assigning a value to an unknown parameter will not throw an error, but it won't work, either. I'm not sure what could be the issue # postconf -m btree cdb cidr environ hash internal nis pcre proxy regexp static tcp texthash unix it support hash, any suggestions? Thanks, -motty *From:* owner-postfix-us...@postfix.org mailto:owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] *On Behalf Of *Jeroen Geilman *Sent:* Monday, March 28, 2011 12:40 PM *To:* postfix-users@postfix.org mailto:postfix-users@postfix.org *Subject:* Re: postfix can't open local recipient file .db extension On 03/28/2011 09:01 PM, motty.cruz wrote: Hello, I'm running Postfix on FreeBSD 8.2. Postfix complaints about this line in my configuration local_recipient_database = hash:/usr/local/etc/postfix/userdb, hash:/usr/local/etc/postfix/uservirt ITYM local_recipient_MAPS. The error: postfix/smtpd[1476]: fatal: open database /usr/local/etc/postfix/userdb.db: Invalid argument Did you run postmap(8) on it ? local_recipient_maps = hash:/usr/local/etc/postfix/userdb, hash:/usr/local/etc/postfix/uservirt This one is correct; all you're missing is $ postmap /usr/local/etc/postfix/userdb (and also uservirt, if you forgot that) -- J. No virus found in this message. Checked by AVG - www.avg.com http://www.avg.com Version: 10.0.1204 / Virus Database: 1498/3535 - Release Date: 03/28/11 -- J. No virus found in this message. Checked by AVG - www.avg.com http://www.avg.com Version: 10.0.1204 / Virus Database: 1498/3535 - Release Date: 03/28/11 -- J.