Re: executive parser (was: Re: spf configuration woes)
On Saturday 05 November 2011 22:40:03 Murray S. Kucherawy wrote: -Original Message- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of David Southwell Sent: Saturday, November 05, 2011 9:41 AM To: postfix-users@postfix.org Cc: /dev/rob0 Subject: Re: executive parser (was: Re: spf configuration woes) Just to add weight to my last posting - the use of a as a critical symbol is really quite idiotic. What cannot be seen should never be that significant! The current RFC defining email message format is RFC5322, and it uses leading whitespace as line continuation in header fields. Its antecedents, going back as far as RFC733 (1977) and perhaps further, do the same thing. Thus, your assertion appears to be in conflict with quite a bit of operational history and experience. I think what is being forgotten here is that administrators have to cope with a whole variety of software. The history of one narrow sphere (e.g.) mail is being used to define an approach which does not think of the needs of administrators who are pushing for software engineers to adopt uniform approach across the whole spectrum. Hence thoughtful engineers incorporate diagnostic parsers and html configuration tools. IMHO postfix has been very slow to develop an apporocah which places the needs of system administrators in the forefront of its development strategy. People make mistakes. Even the most experienced administrators. Administrators are not primarily programmers. They look at configuration files. During a busy day they do not want the hassle of having to ask themselves the question What do spaces do in this .config .cf file? Good configuration files make their formatting requirement obvious. That is why I say the use of is, in an administrator's context, idiotic. It is idiotic because it demands that adminstrator to ask himself/he rself the question is this significant or insignificant. When there are hundreds of in a file the luckless adminstrator has too much on his/her plate when trying to fix a problem as quickly as possible. I have been taking this list silently for years. Amonst a lot of genuinely helpful contributions I have witnessed a regular splattering of rudeness and arrogance by some long standing contributors heaped on the heads of luckless administrators trying to succesfully configure postfix. The design of Postfix's configuration system and supporting documentation represents the honest efforts of people who have a single point of focus namely: Making postfix work when it has been given the appropriate configuration data. IMHO Postfix needs to add to its goals a determination to make configuration a breeze rather than a challenge. That means diagnostic and corrective parsers and or an html based configuration interface. Such facilities would cut down the traffic on this list and stop a few people looking down their noses at those who make a mistake.
Re: spf configuration woes
Zitat von David Southwell ad...@vizion2000.net: On Saturday 05 November 2011 06:42:12 Simon Brereton wrote: On 5 November 2011 08:21, David Southwell ad...@vizion2000.net wrote: On Saturday 05 November 2011 05:13:22 Wietse Venema wrote: David Southwell: Did you read the original posting and the reply from Kamil. He spotted the primary cause. It was he who spotted the extrabefore policyd-spf in master.cf which was in the part of the post you cut out. So you were right it was an error in the master.cf but noone else spotted it before Kamil made his contribution. You could have spotted it days ago with lsof/netstat which would have told you immediately that postfix was not listening on the socket. Wietse Typical Wietse response. Everyone could see postfix was not listening but it And Wietse was trying to get you to find out why - instead of making random changes. He asked you at least twice to run netstat - did you do it? yes - I had done it before wietse asked - it was too blindingly obvious everyone knew it was not starting. Wietse is too fond of being downright rude. It would have saved you 18 hours and at least 3 long mails if you had. Typically ungrateful response to Wietse's help is more like it. People come on here, expect it him not only to write it, but keep it secure and spot typgraphical errors in their own configs because they're too lazy to look (and that laziness is exemplified by a laziness to follow a simple diagnostic instruction). Misplaced critique. Like wietse you are jumping to conclusions. Assuming the worst rather than the best of people. The recomendation came after not before the act. took Kamil's careful scrutiny and knowledge to identify why - knowing why was what led to the solution. Which you'd have had much much earlier without the hand-holding had you followed Wietse's first request to run netstat. Sorry but that is B**t! The information about the excess space was there -- Wietse just didn't see it unless he was deliberately concealing the fact that he knew the excess space was there. That could not be true because he would have known that netstat would not have revealed the fact theat there was an excess space in the file. What would therefore have been the purpose of running netstat? Diagnosis is valuable but without the ability to define the treatment the diagnosis is merely a matter of record. Only valuable if you follow the steps you're asked to perform. Spoonfeeding and proof-reading your errors in your config files is not diagnosis. Clearly postfix is need of an intelligent parser that will to pinpoint errors such as this in master.cf and main.cf. That is because stupid computers are better at parsing chores than human beings. Postfix has such a parser - which is why the documentation points out that lines should not start with a white-space. Humble humans acknowledge we make errors. Wise humans use stupid computers to perform tasks that people are not good at. Stupid humans tell other people they are stupid when they make mistakes and tell them RTFM! You are failing to distinguish between a diagnostic parser and an executive parser. An executive parser rejects incorrectly configured lines at runtime. A diagnostic parser would tell you that there is an excess space at a specific location. A really good executive parser would also log the location of incorrectly configured lines to facilitate the work of an administrator. I do not expect anyone to solve my problems. On the other hand I do not expect them to be gratuitously rude rather than helpfully constructive. IF Wietse is unable to restrain himself from repeated bouts of arrogant rudeness then, IMHO, he needs counselling. In this case Kemil spotted the error. That helped me spot other errors. Kemil was constructive IMHPO Wietse was plain rude. Another one for the kill-file... While it might be true that there is room for improvment your tone is plain rude. You eat the free meal and demand that it is cooked for your taste. Take it or leave it. Andreas smime.p7s Description: S/MIME Cryptographic Signature
Re: executive parser
Am 06.11.2011 10:22, schrieb David Southwell: Hence thoughtful engineers incorporate diagnostic parsers and html configuration tools. IMHO postfix has been very slow to develop an apporocah which places the needs of system administrators in the forefront of its development strategy. what exactly are you missing what cat, grep, more and tail can not do with logfiles? People make mistakes. Even the most experienced administrators. Administrators are not primarily programmers. They look at configuration files. During a busy day they do not want the hassle of having to ask themselves the question What do spaces do in this .config .cf file? please speak for you and not for the admininstrators Good configuration files make their formatting requirement obvious. That is why I say the use of is, in an administrator's context, idiotic. i would call idiotic a beginner who is to lazy to learn It is idiotic because it demands that adminstrator to ask himself/he rself the question is this significant or insignificant. When there are hundreds of in a file the luckless adminstrator has too much on his/her plate when trying to fix a problem as quickly as possible. bullshit if ou have any problem to see with one look what the spaces on the following config-snippet are doing you should stop to play administrator because you are the wrong person in th wrong job you can write this all in ONE LINE if you want and the space was invited to make it more readable proxy_read_maps = proxy:mysql:/etc/postfix/mysql-mynetworks.cf proxy:mysql:/etc/postfix/mysql-mydestination.cf proxy:mysql:/etc/postfix/mysql-recipients.cf proxy:mysql:/etc/postfix/mysql-rewritedomains.cf proxy:mysql:/etc/postfix/mysql-rewritesenders.cf proxy:mysql:/etc/postfix/mysql-transport.cf proxy:mysql:/etc/postfix/mysql-sender_relay_hosts.cf proxy:mysql:/etc/postfix/mysql-sender_relay_hosts_auth.cf proxy:mysql:/etc/postfix/mysql-aliases.cf proxy:mysql:/etc/postfix/mysql-senderaccess.cf proxy:mysql:/etc/postfix/mysql-spamfilter.cf proxy:mysql:/etc/postfix/mysql-forwarders.cf smtpd_helo_restrictions = permit_mynetworks permit_sasl_authenticated reject_non_fqdn_helo_hostname reject_invalid_helo_hostname reject_unknown_helo_hostname smtpd_recipient_restrictions = permit_mynetworks reject_non_fqdn_recipient reject_non_fqdn_sender reject_unlisted_sender reject_authenticated_sender_login_mismatch permit_sasl_authenticated reject_unknown_sender_domain reject_unknown_recipient_domain reject_unauth_destination reject_unknown_reverse_client_hostname reject_invalid_hostname reject_unauth_pipelining check_recipient_access proxy:mysql:/etc/postfix/mysql-spamfilter.cf signature.asc Description: OpenPGP digital signature
Re: executive parser
Am 06.11.2011 10:22, schrieb David Southwell: IMHO Postfix needs to add to its goals a determination to make configuration a breeze rather than a challenge. That means diagnostic and corrective parsers and or an html based configuration interface. so and now i will tell you that i have started with postfix in summer 2009 at the same time as with dbmail and wrote a html-backend with database driven configuration and a lot of postfix-options most people never heard of within two months from scratch - that should show you that the documentation and logic can not be so bad on the other hand i would never in my life use any web-interface not written by my own because they are mostly not as flexible as needed because it is impossible to do this with any graphical interface signature.asc Description: OpenPGP digital signature
Re: spf configuration woes
On Sunday 06 November 2011 01:46:35 lst_ho...@kwsoft.de wrote: Zitat von David Southwell ad...@vizion2000.net: On Saturday 05 November 2011 06:42:12 Simon Brereton wrote: On 5 November 2011 08:21, David Southwell ad...@vizion2000.net wrote: On Saturday 05 November 2011 05:13:22 Wietse Venema wrote: David Southwell: Did you read the original posting and the reply from Kamil. He spotted the primary cause. It was he who spotted the extra before policyd-spf in master.cf which was in the part of the post you cut out. So you were right it was an error in the master.cf but noone else spotted it before Kamil made his contribution. You could have spotted it days ago with lsof/netstat which would have told you immediately that postfix was not listening on the socket. Wietse Typical Wietse response. Everyone could see postfix was not listening but it And Wietse was trying to get you to find out why - instead of making random changes. He asked you at least twice to run netstat - did you do it? yes - I had done it before wietse asked - it was too blindingly obvious everyone knew it was not starting. Wietse is too fond of being downright rude. It would have saved you 18 hours and at least 3 long mails if you had. Typically ungrateful response to Wietse's help is more like it. People come on here, expect it him not only to write it, but keep it secure and spot typgraphical errors in their own configs because they're too lazy to look (and that laziness is exemplified by a laziness to follow a simple diagnostic instruction). Misplaced critique. Like wietse you are jumping to conclusions. Assuming the worst rather than the best of people. The recomendation came after not before the act. took Kamil's careful scrutiny and knowledge to identify why - knowing why was what led to the solution. Which you'd have had much much earlier without the hand-holding had you followed Wietse's first request to run netstat. Sorry but that is B**t! The information about the excess space was there -- Wietse just didn't see it unless he was deliberately concealing the fact that he knew the excess space was there. That could not be true because he would have known that netstat would not have revealed the fact theat there was an excess space in the file. What would therefore have been the purpose of running netstat? Diagnosis is valuable but without the ability to define the treatment the diagnosis is merely a matter of record. Only valuable if you follow the steps you're asked to perform. Spoonfeeding and proof-reading your errors in your config files is not diagnosis. Clearly postfix is need of an intelligent parser that will to pinpoint errors such as this in master.cf and main.cf. That is because stupid computers are better at parsing chores than human beings. Postfix has such a parser - which is why the documentation points out that lines should not start with a white-space. Humble humans acknowledge we make errors. Wise humans use stupid computers to perform tasks that people are not good at. Stupid humans tell other people they are stupid when they make mistakes and tell them RTFM! You are failing to distinguish between a diagnostic parser and an executive parser. An executive parser rejects incorrectly configured lines at runtime. A diagnostic parser would tell you that there is an excess space at a specific location. A really good executive parser would also log the location of incorrectly configured lines to facilitate the work of an administrator. I do not expect anyone to solve my problems. On the other hand I do not expect them to be gratuitously rude rather than helpfully constructive. IF Wietse is unable to restrain himself from repeated bouts of arrogant rudeness then, IMHO, he needs counselling. In this case Kemil spotted the error. That helped me spot other errors. Kemil was constructive IMHPO Wietse was plain rude. Another one for the kill-file... While it might be true that there is room for improvment your tone is plain rude. You eat the free meal and demand that it is cooked for your taste. Take it or leave it. Andreas That is plain B**t. I am making a constructive contribution which, if some thought and consideration were given to it, might substantially improve Postfix and make it much more administrator friendly. You may think that the way Postfix is currently put together is perfect. Well the togh message of the modern world is that nothing is perfect including Postfix's current system. Neither am I suggesting the proposal I put forward would make it perfect. However I do argue it might make it better. There is no demand here rather than a carefully composed argument and a recomendation. You may diagree with both. If you are unwilling or do not care to
Re: executive parser
On Sunday 06 November 2011 02:29:30 Reindl Harald wrote: Am 06.11.2011 10:22, schrieb David Southwell: IMHO Postfix needs to add to its goals a determination to make configuration a breeze rather than a challenge. That means diagnostic and corrective parsers and or an html based configuration interface. so and now i will tell you that i have started with postfix in summer 2009 at the same time as with dbmail and wrote a html-backend with database driven configuration and a lot of postfix-options most people never heard of within two months from scratch - that should show you that the documentation and logic can not be so bad Agreed. It is possible to comprehend postfix's documentation given plenty of time to concemntrate upon it. Unfortunately most administrators cannot give that degree of attention to every piece of software. The fact that you were willing to devote the time to that project does, I believe, evidence the need for a more administrator friendly configuration tool. I would love to experiemnt with your creation. Any chance of a copy? on the other hand i would never in my life use any web-interface not written by my own because they are mostly not as flexible as needed because it is impossible to do this with any graphical interface I understand your reservations. It needs a lot of careful and independent testing to bring such intiatives into common use. Thanks david
Re: spf configuration woes
Am 06.11.2011 10:34, schrieb David Southwell: That is plain B**t. I am making a constructive contribution which, if some thought and consideration were given to it, might substantially improve Postfix and make it much more administrator friendly. THIS is plain bullshit you are telling us that administrators do not understand lines with a space at the begin, we are telling you if that is true the person has to learn or hurry up to search another job becasue EVERYBODY who has the right attributes for this job will understand the config format a server-software needs not to be administrator friendly because there is really no need that every idiot out there starts thinking he is qualified to maintain a public mailserver with all it's consequences and looking at the damage a wrong configured MTA can produce a little election is not so bad signature.asc Description: OpenPGP digital signature
Re: executive parser
Am 06.11.2011 10:39, schrieb David Southwell: Agreed. It is possible to comprehend postfix's documentation given plenty of time to concemntrate upon it. Unfortunately most administrators cannot give that degree of attention to every piece of software. than they are doing the wrong job! The fact that you were willing to devote the time to that project does, I believe, evidence the need for a more administrator friendly configuration tool. no, there are all pieces to make such a interface but any webinterface for a mailserver would be too generic and somehow unuseable or too specific for they way what configuration-types are used in what combinations I would love to experiemnt with your creation. Any chance of a copy? sorry, impossible based on our internal cms-system and hardly integrated in our other admin-backends since i am wrtinig every gui on my own but even if: this does not change that you need to deal with main.cf / master.cf necause somebody has to tell postfix and the other mail-components in whcih way they are plaing together and how the mysql-tables are to use signature.asc Description: OpenPGP digital signature
Re: spf configuration woes
On Sunday 06 November 2011 02:43:31 Reindl Harald wrote: Am 06.11.2011 10:34, schrieb David Southwell: That is plain B**t. I am making a constructive contribution which, if some thought and consideration were given to it, might substantially improve Postfix and make it much more administrator friendly. THIS is plain bullshit I do not agree you are telling us that administrators do not understand lines with a space at the begin, we are telling you if that is true the person has to learn or hurry up to search another job becasue EVERYBODY who has the right attributes for this job will understand the config format There is a difference between understanding the potential significant and the ease of finding an error. What I would suggest is that configuration files are better designed when a single charactter has a constant meaning. A occurs so frequently that an out of place is that much harder to detect when scanning through a file. Humans are very good at recognising standard patterns. a server-software needs not to be administrator friendly because there is really no need that every idiot out there starts thinking he is qualified to maintain a public mailserver with all it's consequences and looking at the damage a wrong configured MTA can produce a little election is not so bad There is no benefit in making things a little more difficult than they need me and then proclaiming that the mistakes that could be prevented by design are solely due to the person making thenm is IMHO idiotic. David
Re: spf configuration woes
would you please be so gently only reply to the list and not additionally to the post you are answering? your arguments are not smart enough that there is a need get them all twice signature.asc Description: OpenPGP digital signature
Re: spf configuration woes
On Sunday 06 November 2011 02:54:42 Reindl Harald wrote: would you please be so gently only reply to the list and not additionally to the post you are answering? your arguments are not smart enough that there is a need get them all twice Quite happy to do that. Mind you it may be possible to ask in a way that does not demonstrate a determination, fequently expressed on this list, to hammer into the ground anyone who has the audacity to voice an opinion which does not accord with the conventional views of over vociferous loyalists. Forgive me I have been taking this list for more years than I care to mention and have seen, what I regard, as too much rudeness and intolerance. Maybe that has influenced my approach in this dialogue. I am just fed up with listening in silence. There is no doubt that Postfix is a great application but it could be improved and as soon as anyone makes a suggestion there are far too many people willing to rubbish different approaches than welcome the committment such voices demonstrate. Maybe a little more relaxed attitude to alternative points of view might make this list a lot more attractive. David
Re: spf configuration woes
Am 06.11.2011 11:24, schrieb David Southwell: Quite happy to do that. Mind you it may be possible to ask in a way that does not demonstrate a determination, fequently expressed on this list, to hammer into the ground anyone who has the audacity to voice an opinion which does not accord with the conventional views of over vociferous loyalists. this has nothing to do with loyalists if things ain't broken don't fix them and what nobody needs is rewrite perfectly working software / syntax while postfix is since many years one of the few applications where you can do major upgrades without worry sorry but i have enough of any ideas rewrite things to make dumb people lucky as it happened in the linux-world way to often the last few years with many over a long time working subsystems / layers signature.asc Description: OpenPGP digital signature
Re: spf configuration woes
On Sunday 06 November 2011 03:33:02 Reindl Harald wrote: Am 06.11.2011 11:24, schrieb David Southwell: Quite happy to do that. Mind you it may be possible to ask in a way that does not demonstrate a determination, fequently expressed on this list, to hammer into the ground anyone who has the audacity to voice an opinion which does not accord with the conventional views of over vociferous loyalists. this has nothing to do with loyalists if things ain't broken don't fix them and what nobody needs is rewrite perfectly working software / syntax while postfix is since many years one of the few applications where you can do major upgrades without worry sorry but i have enough of any ideas rewrite things to make dumb people lucky as it happened in the linux-world way to often the last few years with many over a long time working subsystems / layers I think you have succeeded in making my point far more effectively than I. The determination you express is a good demonstration of an attitude that calls anyone dumb if they dare to disagree with their point of view. If you do not understand that such responses encapsulate an attitude of over vociferous loyalism, rudeness intolerance then you are really missing something. Hopefully you might live long enough to regret such attitudes. David
Re: spf configuration woes
Am 06.11.2011 11:40, schrieb David Southwell: On Sunday 06 November 2011 03:33:02 Reindl Harald wrote: Am 06.11.2011 11:24, schrieb David Southwell: Quite happy to do that. Mind you it may be possible to ask in a way that does not demonstrate a determination, fequently expressed on this list, to hammer into the ground anyone who has the audacity to voice an opinion which does not accord with the conventional views of over vociferous loyalists. this has nothing to do with loyalists if things ain't broken don't fix them and what nobody needs is rewrite perfectly working software / syntax while postfix is since many years one of the few applications where you can do major upgrades without worry sorry but i have enough of any ideas rewrite things to make dumb people lucky as it happened in the linux-world way to often the last few years with many over a long time working subsystems / layers I think you have succeeded in making my point far more effectively than I. The determination you express is a good demonstration of an attitude that calls anyone dumb if they dare to disagree with their point of view. i know it is not political correct to say the truth there is no need that everybody needs to believe he is the right person to maintain every peice of software - some people are having the skills, the other are able to learn what the need and the rest can simply use what people with the knowledge are maintaining If you do not understand that such responses encapsulate an attitude of over vociferous loyalism, rudeness intolerance then you are really missing something. Hopefully you might live long enough to regret such attitudes BOY YOU WROTE 'That is why I say the use of is, in an administrator's context, idiotic.' adn expect to get answers without rudeness? where do you live? you should recognize that not all things you do not understand idiotic and for me: i hope i live NOT long enough to lose the attitude to say things that have to be said because there are enough people out there speaking a lot but saying nothing signature.asc Description: OpenPGP digital signature
Re: spf configuration woes
On Sunday 06 November 2011 03:55:45 Reindl Harald wrote: Am 06.11.2011 11:40, schrieb David Southwell: On Sunday 06 November 2011 03:33:02 Reindl Harald wrote: Am 06.11.2011 11:24, schrieb David Southwell: Quite happy to do that. Mind you it may be possible to ask in a way that does not demonstrate a determination, fequently expressed on this list, to hammer into the ground anyone who has the audacity to voice an opinion which does not accord with the conventional views of over vociferous loyalists. this has nothing to do with loyalists if things ain't broken don't fix them and what nobody needs is rewrite perfectly working software / syntax while postfix is since many years one of the few applications where you can do major upgrades without worry sorry but i have enough of any ideas rewrite things to make dumb people lucky as it happened in the linux-world way to often the last few years with many over a long time working subsystems / layers I think you have succeeded in making my point far more effectively than I. The determination you express is a good demonstration of an attitude that calls anyone dumb if they dare to disagree with their point of view. i know it is not political correct to say the truth When you live a little longer I hope you get to realise that your truth is not necessarily a universal truth. The appreciation of such a point of view is a sign of maturity. The maligning of alternative opinions and claiming you have the ability to define what is right may IMHO arguably have more to do with immaturity than anything else. In regard to what I expect - If you understood the derivation of the word idiotic you might appreciate its relevance. BUt if you are upset by my use of the word then I apologise. Maybe it would have been more tactful of me to say that using a single invisible symbol to fulfill multiple purposes in a file which is intended to have very precise outcomes appears on the face of it to be irrational. In configuration files the basic twin rules I would recomend to you are: 1. one visible symbol - one visible function 2. no invisible symbols David
Re: executive parser (was: Re: spf configuration woes)
On 6 November 2011 04:22, David Southwell da...@vizion2000.net wrote: On Saturday 05 November 2011 22:40:03 Murray S. Kucherawy wrote: -Original Message- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of David Southwell Sent: Saturday, November 05, 2011 9:41 AM To: postfix-users@postfix.org Cc: /dev/rob0 Subject: Re: executive parser (was: Re: spf configuration woes) Just to add weight to my last posting - the use of a as a critical symbol is really quite idiotic. What cannot be seen should never be that significant! The current RFC defining email message format is RFC5322, and it uses leading whitespace as line continuation in header fields. Its antecedents, going back as far as RFC733 (1977) and perhaps further, do the same thing. Thus, your assertion appears to be in conflict with quite a bit of operational history and experience. I think what is being forgotten here is that administrators have to cope with a whole variety of software. The history of one narrow sphere (e.g.) mail is I think what is being forgotten here is that YOU were too stupid to add an spf filter to some of the most widely used MTA SW on the web. And when you finally figured it out* you chose to be hostile, arrogant and rude. figured it out = had your hand held. Ideally it seems you wanted someone to write your master.cf for you It should be noted I installed an SPF policy a few weeks ago - which I accomplished in less time, with less mails to the list and less coding experience (and a good deal more reading of the documentation). Hence thoughtful engineers incorporate diagnostic parsers and html configuration tools. IMHO postfix has been very slow to develop an apporocah which places the needs of system administrators in the forefront of its development strategy. People make mistakes. Even the most experienced administrators. Administrators are not primarily programmers. They look at configuration files. During a busy day they do not want the hassle of having to ask themselves the question What do spaces do in this .config .cf file? Good configuration files make their formatting requirement obvious. That is why I say the use of is, in an administrator's context, idiotic. It is idiotic because it demands that adminstrator to ask himself/he rself the question is this significant or insignificant. When there are hundreds of in a file the luckless adminstrator has too much on his/her plate when trying to fix a problem as quickly as possible. Administrators should be asking themselves all the time if something is significant or not. Everytime I see an indendation I wonder if it's supposed to be a space, a run of spaces or a tab. And what the effects of aligning them all with tabs might be. You are clearly not an administrator. I have been taking this list silently for years. Amonst a lot of genuinely helpful contributions I have witnessed a regular splattering of rudeness and arrogance by some long standing contributors heaped on the heads of luckless administrators trying to succesfully configure postfix. I had no idea luckless meant to dumb or lazy to follow instructions.. You say you'd run netstat before Wietse asked you to? That being the case, why - in either of the responses immediately after that suggestion did you not simply say I did that - here's the output. For the luckless administrator in you I'd like to point out that ignoring something someone (indeed the only person engaged on issue) asks you twice to do something and you ignore it that is also rude. And when you get called on that rudeness you complain?!? The design of Postfix's configuration system and supporting documentation represents the honest efforts of people who have a single point of focus namely: Making postfix work when it has been given the appropriate configuration data. As does every other piece of SW in the entire world. IMHO Postfix needs to add to its goals a determination to make configuration a breeze rather than a challenge. That means diagnostic and corrective parsers and or an html based configuration interface. Such facilities would cut down the traffic on this list and stop a few people looking down their noses at thuose who make a mistake. You want to make it fool-proof? You'll only build a better class of fool to defeat it.
THREAD CLOSED: spf woes
I'm closing this thread. Everyone has made their point. Time to move on. People who continue this thread will be removed. Meanwhile, I'm spending a day to add an option to the postconf(1) command to display the contents of master.cf in canonicalized form, similar to the way that postconf(1) already displays the content of main.cf. This is also an opportunity to add support for the invisible main.cf parameters whose names are derived from master.cf services (delivery agents, spawn(8) services). Wietse
Re: A question about mynetworks
Thanks for the tips! I've specified the ip addresses which are allowed to send.
Backup and restore database created by Tiger Geocoder scripts
A couple weeks ago, I built an entire geocoder database in PostGIS 1.5.3 using the impressive Tiger Geocoder 2010 build scripts (http://svn.osgeo.org/postgis/trunk/extras/tiger_geocoder/tiger_2010/). It took a couple days, but in the end it worked. Then I set about moving my work to another server, but to save time I decided to dump and then restore the database. dev pg_dump -U su gc -f gc.sql prod psql -U su -d gc -f gc.sql It didn't work. Well, the file got dumped without errors, etc. But when I tried restoring (after creating the database gc4 on the new server), Postgresql threw all kinds of errors. Anyway, this appears a lot more complex than a basic MySQL database, so I was wondering how do you guys dump/restore such a database? What's the best approach? I would tinker with this more, but because the sql file is so big (~90GB), it's too time consuming to experiment. Thanks. …Rene
Re: Backup and restore database created by Tiger Geocoder scripts
On Nov 6, 2011, at 10:39 AM, René Fournier wrote: A couple weeks ago, I built an entire geocoder database in PostGIS 1.5.3 using the impressive Tiger Geocoder 2010 build scripts (http://svn.osgeo.org/postgis/trunk/extras/tiger_geocoder/tiger_2010/). It took a couple days, but in the end it worked. I think you posted to the wrong list. This is the Postfix list. -- Larry Stone lston...@stonejongleux.com http://www.stonejongleux.com/
Postfix on Virtual Guest Cannot send mail
Hi all, First a little background. Postfix version 2.6.6 on both host and guest. Host OS RHEL server 6.0 Guest OS RHEL server 6.0 Virtual Machine QEMU-KVM Host has 2 virtual interfaces virbr0 and virbr1 Postfix (guest and host) is listening on all interfaces. IPTables IS NOT RUNNING on either guest or host. DNS Lookup is turned off on both host and guest. I want to send mail to host from guest. Ping both host interfaces work Telnet to port 25 from guest to either host interface also works just fine [root@guestServer init.d]# telnet fileserver 25 Trying 192.168.1.31... Connected to fileserver. Escape character is '^]'. 220 fileserver.test.org ESMTP Postfix HELO guestServer 250 fileserver.guest.org I get the following when trying to send mail. Nov 6 09:44:41 guestServer postfix/qmgr[14456]: DD94E63D92: from=r...@guestserver1.test.org, size=464, nrcpt=1 (queue active) Nov 6 09:44:41 guestServer postfix/error[14507]: DD94E63D92: to=bl...@fileserver.test.org, orig_to=blair@fileserver, relay=none, delay=553, delays=553/0.01/0/0.31, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to fileserver.test.org192.168.1.31]:25: Connection timed out) As I said before IPTables for both ipv4 and ipv6 are not running. I have tried configuring for just ipv4 same results. All posts suggest looking at firewall, but iptables is not running. Many thanks in advance. Rick -- Tìoraidh! Rick Blair smime.p7s Description: S/MIME cryptographic signature
Re: Plesk or equivalent to manage Postfix
Benny Pedersen wrote: On Fri, 04 Nov 2011 14:13:59 +0100, Frank Bonnet wrote: Does anyone has ever use Plesk or another graphical interface to manage Postfix ? postfixadmin just works, so i keep my problem :-) We're equally happy with Postconf (postconf.com). Pat
Re: Postfix on Virtual Guest Cannot send mail
Blair, Rick: [root@guestServer init.d]# telnet fileserver 25 Trying 192.168.1.31... Connected to fileserver. Escape character is '^]'. 220 fileserver.test.org ESMTP Postfix HELO guestServer 250 fileserver.guest.org You can make ONE SINGLE connection. I get the following when trying to send mail. Nov 6 09:44:41 guestServer postfix/qmgr[14456]: DD94E63D92: from=r...@guestserver1.test.org, size=464, nrcpt=1 (queue active) Nov 6 09:44:41 guestServer postfix/error[14507]: DD94E63D92: to=bl...@fileserver.test.org, orig_to=blair@fileserver, relay=none, delay=553, delays=553/0.01/0/0.31, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to fileserver.test.org192.168.1.31]:25: Connection timed out) Postfix can't make MULTIPLE connections. The message delivery temporarily suspended means that not just one connection failed, but that a whole sequence of them failed. You have to find out if there is a traffic shaper on the SMTP client, on the remote SMTP server, in the hypervisor, or in the host under the hypervisor. Otherwise, you can only make one SMTP connection at a time. Wietse
Re: Postscreen statistics gathering
Julien Vehent: Also for this last query, it looks like 65% of the IPs cannot be linked to a country (XX = unknown). I'm not very familiar with the way geo-ip databases gather their data, is that normal numbers for zombies ? This is not my experience. A few times a year I do a one-time purchase from a high-quality geopIP provider, to prepare nice spam-by-time-of-day and pregreet-delay charts by country for an upcoming Postfix presentation. With these databases I seem to have no problems identifying countries, as long as I use a current database snapshot. Wietse
Re: Postfix on Virtual Guest Cannot send mail
Please forgive the top posting, this is difficult with a blackberry. The log snippit shows..: fileserver.test.org192.168.1.31]:25 You you have a transport file or relayhost setting? It might have a problem with a typo I can see a closing square bracket, but not an opening square bracket. Regards, T Sent via BlackBerry® -Original Message- From: Blair, Rick rick.bl...@boeing.com Sender: owner-postfix-us...@postfix.org Date: Sun, 6 Nov 2011 10:00:30 To: postfix-users@postfix.orgpostfix-users@postfix.org Subject: Postfix on Virtual Guest Cannot send mail Hi all, First a little background. Postfix version 2.6.6 on both host and guest. Host OS RHEL server 6.0 Guest OS RHEL server 6.0 Virtual Machine QEMU-KVM Host has 2 virtual interfaces virbr0 and virbr1 Postfix (guest and host) is listening on all interfaces. IPTables IS NOT RUNNING on either guest or host. DNS Lookup is turned off on both host and guest. I want to send mail to host from guest. Ping both host interfaces work Telnet to port 25 from guest to either host interface also works just fine [root@guestServer init.d]# telnet fileserver 25 Trying 192.168.1.31... Connected to fileserver. Escape character is '^]'. 220 fileserver.test.org ESMTP Postfix HELO guestServer 250 fileserver.guest.org I get the following when trying to send mail. Nov 6 09:44:41 guestServer postfix/qmgr[14456]: DD94E63D92: from=r...@guestserver1.test.org, size=464, nrcpt=1 (queue active) Nov 6 09:44:41 guestServer postfix/error[14507]: DD94E63D92: to=bl...@fileserver.test.org, orig_to=blair@fileserver, relay=none, delay=553, delays=553/0.01/0/0.31, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to fileserver.test.org192.168.1.31]:25: Connection timed out) As I said before IPTables for both ipv4 and ipv6 are not running. I have tried configuring for just ipv4 same results. All posts suggest looking at firewall, but iptables is not running. Many thanks in advance. Rick -- Tìoraidh! Rick Blair
Re: Postscreen statistics gathering
On 06.11.2011 17:54, Wietse Venema wrote: Julien Vehent: Also for this last query, it looks like 65% of the IPs cannot be linked to a country (XX = unknown). I'm not very familiar with the way geo-ip databases gather their data, is that normal numbers for zombies ? This is not my experience. A few times a year I do a one-time purchase from a high-quality geopIP provider, to prepare nice spam-by-time-of-day and pregreet-delay charts by country for an upcoming Postfix presentation. With these databases I seem to have no problems identifying countries, as long as I use a current database snapshot. Indeed, I just tried with the GeoLiteCity from MaxMind http://www.maxmind.com/app/geolitecity And the results are much better. 5301 clients === Blocked IPs per country === United States 398 India 149 Russian Federation 128 Indonesia 88 Pakistan 83 Vietnam 75 China 56 I'm happy with that :) Julien