Re: ot: head office/branch office mailserver howto?
Am 11.07.2012 02:12, schrieb li...@sbt.net.au: can anyone point me to any howtos if such exist: on setting up a head office/branch office mail servers (is that correct way to name it?) we have a mail server in Australia, the office is split up between AUS and Asia, most of the users are in Asia, so emails from physically adjacent users travel to Australia and back so what I was thinking, mail server in AUS receives all emails, emails for Asia get 'forwared' to Asia branch mail server on premises of the branch office, emails for AUS users stay on main server; and, obviously, Asia/Asia emails get handled by branch mail server on the premises does that make sense ? thanks for any pointers (or words of encouragements), thanks for all the help in the past. Voytek you can split up this with i.e transport tables -- Best Regards MfG Robert Schetterer
changing the error code for Message delivery request rate limit exceeded situation
Hello, by default postfix reject with 5.7.1 (permanent) error if the client exceeded the set rate limit. Is it possible to give him a temporary (4xx) error? Albert
Re: changing the error code for Message delivery request rate limit exceeded situation
Kov?cs Albert: [ Charset ISO-8859-1 unsupported, converting... ] Hello, by default postfix reject with 5.7.1 (permanent) error if the client exceeded the set rate limit. Postfix has no Message delivery request rate... error message. Wietse
Re: changing the error code for Message delivery request rate limit exceeded situation
Wietse Venema: Kov?cs Albert: Hello, by default postfix reject with 5.7.1 (permanent) error if the client exceeded the set rate limit. Postfix has no Message delivery request rate... error message. To be precise, Postfix does not send that to the remote SMTP client. Postfix sends this to the remote SMTP client: 450 4.7.1 Error: too much mail from x.x.x.x Where x.x.x.x is the remote SMTP client IP address. Wietse
My doc-foo is failing mail (policy delegation)
When using a policy daemon in smtpd_data_restrictions: Is the policy daemon called ONCE for every sender - recipient tuple? My goal is: I want to impose a limit on the number of mails an envelope sender can send per time unit. If the policy daemon is called ONCE for every sender - recipient tuple, a multi recipient mail would count as multiple messages. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: My doc-foo is failing mail (policy delegation)
Ralf Hildebrandt ralf.hildebra...@charite.de writes: When using a policy daemon in smtpd_data_restrictions: Is the policy daemon called ONCE for every sender - recipient tuple? My goal is: I want to impose a limit on the number of mails an envelope sender can send per time unit. If the policy daemon is called ONCE for every sender - recipient tuple, a multi recipient mail would count as multiple messages. When you're using a policy daemon, Postfix is just out-sourcing the response for each particular SMTP step. The DATA step only occurs once per SMTP transaction, so the policy daemon only gets called once if you put it in smtpd_data_restrictions. Only smtpd_recipient_restrictions is going to get called repeatedly. Given your stated aims (restricting based on # of message-sending attempts, rather than # of recpients), ISTM you want to do a smtpd_sender_restriction, since that would provide the earliest moment you could disconnect, and thus the greatest savings in resources. Mike.
Re: My doc-foo is failing mail (policy delegation)
Ralf Hildebrandt: When using a policy daemon in smtpd_data_restrictions: Is the policy daemon called ONCE for every sender - recipient tuple? Postfix invokes smtpd_clientrestrictions ONCE for every client connection. Postfix invokes smtpd_helo_restrictions ONCE for every HELO or EHLO command. [fill in the gap yourself...] Postfix invokes smtpd_recipient_restrictions ONCE for every RCPT command. Likewise, Postfix invokes smtpd_data_restrictions ONCE for every DATA command. Wietse
Re: My doc-foo is failing mail (policy delegation)
* Michael Alan Dorman mdor...@ironicdesign.com: Ralf Hildebrandt ralf.hildebra...@charite.de writes: When using a policy daemon in smtpd_data_restrictions: Is the policy daemon called ONCE for every sender - recipient tuple? My goal is: I want to impose a limit on the number of mails an envelope sender can send per time unit. If the policy daemon is called ONCE for every sender - recipient tuple, a multi recipient mail would count as multiple messages. When you're using a policy daemon, Postfix is just out-sourcing the response for each particular SMTP step. The DATA step only occurs once per SMTP transaction, so the policy daemon only gets called once if you put it in smtpd_data_restrictions. Only smtpd_recipient_restrictions is going to get called repeatedly. Thought so. Given your stated aims (restricting based on # of message-sending attempts, rather than # of recpients), ISTM you want to do a smtpd_sender_restriction, since that would provide the earliest moment you could disconnect, and thus the greatest savings in resources. Furthermore # of recpients (which I also happen to use) is only available in data or end_of_data. So I put the check_policy stuff there and it seems to be working now. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
i am working on a policy Daemon like policyD
i am working on a policy Daemon like policyD i started reading : www.postfix.org/SMTPD_POLICY_README.html but i'm not sure on what phases i can declare a ceck_policy_service i know i can use it on: smtpd_end_of_data_restrictions, smtpd_sender_restrictions, smtpd_recipient_restrictions. it states in the document: Protocol states are CONNECT, EHLO, HELO, MAIL, RCPT, DATA, END-OF-MESSAGE, VRFY or ETRN; these are the SMTP protocol states where the Postfix SMTP server makes an OK/REJECT/HOLD/etc. decision but on what directive in the config file i will get the states:CONNECT, EHLO, HELO, MAIL,MESSAGE, VRFY or ETRN ??? i am able to get RCPT and END-OF-MESSAGE but none of the others. Thanks, Eliezer -- Eliezer Croitoru https://www1.ngtech.co.il IT consulting for Nonprofit organizations eliezer at ngtech.co.il
RE-Postfix make install. Do not support mysql and pcre /Finish
Thanks for all my friend. and thanks for Joe's proposal. Last message is too long. can not reply it. Actually, I lost mysql-devel pcre-devel packages So I reinstall centos with these packages, and down postfix-2.9.3 Use the command make ,Everything working. I'm so glad [root@mail ~]# make -f Makefile.init makefiles \ CCARGS=-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DHAS_LDAP -DHAS_MYSQL -I/usr/include/mysql -I/usr/include/sasl \ AUXLIBS=-L/usr/lib64/sasl2 -lsasl2 -L/usr/lib64/mysql -lmysqlclient -lz -lm -lldap -llber Finally, postfix-2.9.3 system got support with pcre, mysql and ldap. Thank you for all my friend's time. TOM
Re: i am working on a policy Daemon like policyD
Eliezer Croitoru: i am working on a policy Daemon like policyD i started reading : www.postfix.org/SMTPD_POLICY_README.html but i'm not sure on what phases i can declare a ceck_policy_service i know i can use it on: smtpd_end_of_data_restrictions, smtpd_sender_restrictions, smtpd_recipient_restrictions. it states in the document: Protocol states are CONNECT, EHLO, HELO, MAIL, RCPT, DATA, END-OF-MESSAGE, VRFY or ETRN; these are the SMTP protocol states where the Postfix SMTP server makes an OK/REJECT/HOLD/etc. decision but on what directive in the config file i will get the states:CONNECT, EHLO, HELO, MAIL,MESSAGE, VRFY or ETRN ??? i am able to get RCPT and END-OF-MESSAGE but none of the others. This is documented at: http://www.postfix.org/SMTPD_ACCESS_README.html#lists http://www.postfix.org/SMTPD_ACCESS_README.html#timing Wietse
Re: ot: head office/branch office mailserver howto?
On Wed, Jul 11, 2012 at 08:06:06AM +0200, Robert Schetterer wrote: you can split up this with e.g. transport tables Yes, but these are then different on the destination hosts (local delivery) than on the origin hosts (smtp delivery to the destination hosts). This precludes a central data source for the transport tables (LDAP, SQL, ...). Generally, it is better to rewrite the recipient addresses from a shared virtual domain (example.com) to a recipient specific destination domain (site.example.com) and just let site-local mydestination or virtual_mailbox_domains, ... settings determine whether the mail is forwarded or delivered locally. -- Viktor.
Re: My doc-foo is failing mail (policy delegation)
On Wed, Jul 11, 2012 at 08:03:05AM -0400, Wietse Venema wrote: Ralf Hildebrandt: When using a policy daemon in smtpd_data_restrictions: Is the policy daemon called ONCE for every sender - recipient tuple? Postfix invokes smtpd_clientrestrictions ONCE for every client connection. Postfix invokes smtpd_helo_restrictions ONCE for every HELO or EHLO command. [fill in the gap yourself...] Modulo smtpd_delay_reject which causes client, helo and sender restrictions to fire once per recipient. Postfix invokes smtpd_recipient_restrictions ONCE for every RCPT command. After this it is one event per SMTP command. And so: Likewise, Postfix invokes smtpd_data_restrictions ONCE for every DATA command. The data and end_of_data restrictions are once per transaction. -- Viktor.
Re: ot: head office/branch office mailserver howto?
On Wed, Jul 11, 2012 at 08:36:37PM +, Viktor Dukhovni wrote: On Wed, Jul 11, 2012 at 08:06:06AM +0200, Robert Schetterer wrote: you can split up this with e.g. transport tables Yes, but these are then different on the destination hosts (local delivery) than on the origin hosts (smtp delivery to the destination hosts). This precludes a central data source for the transport tables (LDAP, SQL, ...). Wouldn't the table be unused on the destination host? That doesn't seem to me to preclude a central store. Generally, it is better to rewrite the recipient addresses from a shared virtual domain (example.com) to a recipient specific destination domain (site.example.com) and just let site-local mydestination or virtual_mailbox_domains, ... settings determine whether the mail is forwarded or delivered locally. Having worked with a system done your way and a system which preserved constant envelopes, I would say that the differences are minor and essentially a matter of taste. -- Ben Rosengart Like all those possessing a library, Sendmail, Inc. Aurelian was aware that he was guilty of +1 718 431 3822 not knowing his in its entirety [...] -- Jorge Luis Borges NOTICE: If received in error, please destroy and notify sender. Sender does not waive confidentiality or privilege, and use is prohibited.
Re: ot: head office/branch office mailserver howto?
Ben Rosengart: On Wed, Jul 11, 2012 at 08:36:37PM +, Viktor Dukhovni wrote: On Wed, Jul 11, 2012 at 08:06:06AM +0200, Robert Schetterer wrote: you can split up this with e.g. transport tables Yes, but these are then different on the destination hosts (local delivery) than on the origin hosts (smtp delivery to the destination hosts). This precludes a central data source for the transport tables (LDAP, SQL, ...). Wouldn't the table be unused on the destination host? That doesn't seem to me to preclude a central store. If the transport map is the same everywhere, like: u...@example.comsmtp:sitexx.example.com Then that recipient will loop once it is delivered to sitexx.example.com, barring the presence of an earlier transport map that sends it to a final delivery agent. Wietse
Re: ot: head office/branch office mailserver howto?
On Wed, Jul 11, 2012 at 08:36:37PM +, Viktor Dukhovni wrote: On Wed, Jul 11, 2012 at 08:06:06AM +0200, Robert Schetterer wrote: you can split up this with e.g. transport tables Yes, but these are then different on the destination hosts (local delivery) than on the origin hosts (smtp delivery to the destination hosts). This precludes a central data source for the transport tables (LDAP, SQL, ...). As far as I understand transport tables, you just have to maintain one transport table on your server in Australia: user_austra...@example.com virtual (or whatever) #local user user2_a...@example.com smtp:asia.example.com #remote user On asia.example.com it should work with one fixed transport (e.g. relay_transport = virtual) for all users handled by this server. Patrick
Re: ot: head office/branch office mailserver howto?
On Thu, Jul 12, 2012 at 12:07:03AM +0200, Patrick Westenberg wrote: On Wed, Jul 11, 2012 at 08:36:37PM +, Viktor Dukhovni wrote: On Wed, Jul 11, 2012 at 08:06:06AM +0200, Robert Schetterer wrote: you can split up this with e.g. transport tables Yes, but these are then different on the destination hosts (local delivery) than on the origin hosts (smtp delivery to the destination hosts). This precludes a central data source for the transport tables (LDAP, SQL, ...). As far as I understand transport tables, you just have to maintain one transport table on your server in Australia: user_austra...@example.comvirtual (or whatever) #local user user2_a...@example.comsmtp:asia.example.com #remote user On asia.example.com it should work with one fixed transport (e.g. relay_transport = virtual) for all users handled by this server. In other words different transport tables in Asia and Australia, which is my point. With rewriting, all the tables can be shared (and of course replicated for availability, ...). I also prefer to avoid LDAP and SQL lookups in the transport table for performance/reliability reasons, and once transport is per-user, with enough users one tends to want something more central than flat files. -- Viktor.
Re: i am working on a policy Daemon like policyD
On 7/11/2012 7:35 PM, Wietse Venema wrote: Eliezer Croitoru: i am working on a policy Daemon like policyD i started reading : www.postfix.org/SMTPD_POLICY_README.html but i'm not sure on what phases i can declare a ceck_policy_service i know i can use it on: smtpd_end_of_data_restrictions, smtpd_sender_restrictions, smtpd_recipient_restrictions. it states in the document: Protocol states are CONNECT, EHLO, HELO, MAIL, RCPT, DATA, END-OF-MESSAGE, VRFY or ETRN; these are the SMTP protocol states where the Postfix SMTP server makes an OK/REJECT/HOLD/etc. decision but on what directive in the config file i will get the states:CONNECT, EHLO, HELO, MAIL,MESSAGE, VRFY or ETRN ??? i am able to get RCPT and END-OF-MESSAGE but none of the others. This is documented at: http://www.postfix.org/SMTPD_ACCESS_README.html#lists http://www.postfix.org/SMTPD_ACCESS_README.html#timing Wietse Thanks, somehow slipped from my eyes. ELiezer -- Eliezer Croitoru https://www1.ngtech.co.il IT consulting for Nonprofit organizations eliezer at ngtech.co.il