Re: Postfix migration from 2.0 to 2.6.6
Quoting Zalezny Niezalezny zalezny.niezale...@gmail.com: I dont want to route any E-mails. I simply would like to stop old server, tar everything in the proper way and migrate on the new host. This is my target. Then just block all incoming traffic on port 25 and 587 (or whatever your users are using). After everything has been processed and the Que is empty, tar compress everything and move it to the new server. Once that is done, change the MX entries to point to the new server and you are done. No mails will be lost in the meantime. If you additionally change the TTL of the according Zone entries of your domain to something very small (5 min), the propagation of the new entries will be faster. Regards, Michael
Re: Postfix migration from 2.0 to 2.6.6
Greetz to all and thanks for Your efficient support! Its perfect community :) On Fri, Feb 20, 2015 at 12:30 PM, Zalezny Niezalezny zalezny.niezale...@gmail.com wrote: I will simply stop postfix and copy all files. I dont see any other solution here.We will see if it will work properly. On Fri, Feb 20, 2015 at 11:28 AM, Michael m...@michi.su wrote: Quoting Zalezny Niezalezny zalezny.niezale...@gmail.com: I dont want to route any E-mails. I simply would like to stop old server, tar everything in the proper way and migrate on the new host. This is my target. Then just block all incoming traffic on port 25 and 587 (or whatever your users are using). After everything has been processed and the Que is empty, tar compress everything and move it to the new server. Once that is done, change the MX entries to point to the new server and you are done. No mails will be lost in the meantime. If you additionally change the TTL of the according Zone entries of your domain to something very small (5 min), the propagation of the new entries will be faster. Regards, Michael
Re: Postfix migration from 2.0 to 2.6.6
I will simply stop postfix and copy all files. I dont see any other solution here.We will see if it will work properly. On Fri, Feb 20, 2015 at 11:28 AM, Michael m...@michi.su wrote: Quoting Zalezny Niezalezny zalezny.niezale...@gmail.com: I dont want to route any E-mails. I simply would like to stop old server, tar everything in the proper way and migrate on the new host. This is my target. Then just block all incoming traffic on port 25 and 587 (or whatever your users are using). After everything has been processed and the Que is empty, tar compress everything and move it to the new server. Once that is done, change the MX entries to point to the new server and you are done. No mails will be lost in the meantime. If you additionally change the TTL of the according Zone entries of your domain to something very small (5 min), the propagation of the new entries will be faster. Regards, Michael
Re: Postfix migration from 2.0 to 2.6.6
I dont want to route any E-mails. I simply would like to stop old server, tar everything in the proper way and migrate on the new host. This is my target. On Fri, Feb 20, 2015 at 11:05 AM, Test t...@icolombi.net wrote: What about just routing messages from old server to the new one with relayhost? We are just talking about messages in queue right? 2015-02-20 10:54 GMT+01:00 Zalezny Niezalezny zalezny.niezale...@gmail.com: Thanks for Your explanation. I see that Postfix community is very strong and fast :) Its good to know :) If I will stop Postfix, for sure some of them will stay in the queue folders. How to migrate that part without loosing data ? Should I simply copy files with proper permissions and ownership between two servers ? Is there any commands which needs to be executed afterwards ? Thanks in advance for Your support. Zalezny
Re: Postfix migration from 2.0 to 2.6.6
Thanks for Your explanation. I see that Postfix community is very strong and fast :) Its good to know :) Back to subject. We are using Red Hat distro so I`m not planning to use Postfix version higher than its in the repository. What can I say, RHEL is crap if we are talking about updates for the common packages. They are supporting latest release 2.6.6 and I will stay with this release. Of course it would be great to build new package even with version 3 but then I must support it till end. Its enterprise environment so we need to follow some rules (some times stupid...). This what I dont understand is, what exactly Postfix doing during stop command. If I good understand queue model, Postfix storing files in the queue folders. My server sending thousands of E-mails per day. If I will stop Postfix, for sure some of them will stay in the queue folders. How to migrate that part without loosing data ? Should I simply copy files with proper permissions and ownership between two servers ? Is there any commands which needs to be executed afterwards ? Thanks in advance for Your support. Zalezny On Fri, Feb 20, 2015 at 10:18 AM, DTNX Postmaster postmas...@dtnx.net wrote: On 20 Feb 2015, at 09:14, Zalezny Niezalezny zalezny.niezale...@gmail.com wrote: on one of my servers I`m planning to migrate very old Postfix 2.0 to quite new one 2.6.6. I migrated already all Postfix instances, so all Postfix configuration files are already on the new machine (/etc/postfix*). Now its time to migrate /var/spool/postfix and all other Postfix data files. Will it work properly if I will simply: - stop old server - zip all /var/spool/postfix* and /var/spool/mail/* - copy all /var/spool/postfix* and /var/spool/mail/* on the new one - start all instances Will it work ? Here is written, that it will not work properly... http://www.postfix.org/faq.html#copying How to migrate Postfix data in the best way ? Do note that 2.6.6 is anything but new; 2.6.6 is from 2010, and the last legacy release of the 2.6.x series was two years ago. At this point, for new systems, you should be using 2.9.x as the absolute minimum, since 2.8.x is already out as well. See the Postfix announcements page for details; http://www.postfix.org/announcements.html As far as the migration itself; review the documentation for changes, both to settings you have in your configuration as well as changes to default settings, as the gap between 2.0 and whatever you move to is quite big. Start here; http://www.postfix.org/postconf.5.html Once you have reviewed the documentation for anything you might need to change, set it up on the new machine, and test all your assumptions about how it should work. Your '/var/spool/postfix' should be empty, and there should be no need to copy that over. How you migrate stored messages on the server depends on how your users access their mail, which is outside the scope of Postfix. In other words; move to a supported version of Postfix, and test your migration extensively. Good luck! Mvg, Joni
Re: Postfix migration from 2.0 to 2.6.6
On Fri, 20 Feb 2015 09:14:37 +0100 Zalezny Niezalezny zalezny.niezale...@gmail.com wrote: - zip all /var/spool/postfix* and /var/spool/mail/* don't use zip, it didn't save uid.gid owner...
Re: Postfix migration from 2.0 to 2.6.6
On 20 Feb 2015, at 09:14, Zalezny Niezalezny zalezny.niezale...@gmail.com wrote: on one of my servers I`m planning to migrate very old Postfix 2.0 to quite new one 2.6.6. I migrated already all Postfix instances, so all Postfix configuration files are already on the new machine (/etc/postfix*). Now its time to migrate /var/spool/postfix and all other Postfix data files. Will it work properly if I will simply: - stop old server - zip all /var/spool/postfix* and /var/spool/mail/* - copy all /var/spool/postfix* and /var/spool/mail/* on the new one - start all instances Will it work ? Here is written, that it will not work properly... http://www.postfix.org/faq.html#copying How to migrate Postfix data in the best way ? Do note that 2.6.6 is anything but new; 2.6.6 is from 2010, and the last legacy release of the 2.6.x series was two years ago. At this point, for new systems, you should be using 2.9.x as the absolute minimum, since 2.8.x is already out as well. See the Postfix announcements page for details; http://www.postfix.org/announcements.html As far as the migration itself; review the documentation for changes, both to settings you have in your configuration as well as changes to default settings, as the gap between 2.0 and whatever you move to is quite big. Start here; http://www.postfix.org/postconf.5.html Once you have reviewed the documentation for anything you might need to change, set it up on the new machine, and test all your assumptions about how it should work. Your '/var/spool/postfix' should be empty, and there should be no need to copy that over. How you migrate stored messages on the server depends on how your users access their mail, which is outside the scope of Postfix. In other words; move to a supported version of Postfix, and test your migration extensively. Good luck! Mvg, Joni
Re: Postfix migration from 2.0 to 2.6.6
What about just routing messages from old server to the new one with relayhost? We are just talking about messages in queue right? 2015-02-20 10:54 GMT+01:00 Zalezny Niezalezny zalezny.niezale...@gmail.com : Thanks for Your explanation. I see that Postfix community is very strong and fast :) Its good to know :) If I will stop Postfix, for sure some of them will stay in the queue folders. How to migrate that part without loosing data ? Should I simply copy files with proper permissions and ownership between two servers ? Is there any commands which needs to be executed afterwards ? Thanks in advance for Your support. Zalezny
Re: Support for Cassandra CQL database lookup table
Viktor Dukhovni: On Thu, Feb 19, 2015 at 04:20:17PM -0600, List wrote: We would like to use the Cassandra database to persist the state of abusive IPs which we would block from connecting in one of the smtpd_xxx_restrictions clauses. We have systems that exist in multiple data centers and Cassandra works really well for persisting data between them, but Postfix does not support Cassandra and specifically the CQL language as a lookup table. Is this planned for any releases in the near future? There are at present no plans to add Cassandra support. However Someone wrote an ODBC driver for Postfix, and Cassandra appears to have an ODBC driver. I haven't found time to intergrate ODBC into Postfix, but it could be a way to hook Postfix up with Cassandra. http://postfix.1071664.n5.nabble.com/Code-submission-Postfix-ODBC-support-td67418.html This would also allow Postfix to integrate with other databases including Oracle, DB2, etc. without custom Postfix drivers. Wietse
Re: conditional relay with credential based on domain recipient
Wietse Venema: Gianluca Gargiulo: Hi, due to problem to send to outlook.com domains with my postfix, i'd like postfix act as smtp client with my email provider smtp server using the sender credentials. Maybe you can store the credential in smtp_sasl_password_maps and set smtp_sender_dependent_authentication = yes. Then, the password file is searched by the sender email address instead of the server name or domain. Correction: Postfix will first search with the sender address, and if no result is found, with the server name or next-hop domain name. Wietse smtp_sender_dependent_authentication (default: no) Enable sender-dependent authentication in the Postfix SMTP client; this is available only with SASL authentication, and disables SMTP connec- tion caching to ensure that mail from different senders will use the appropriate credentials. This feature is available in Postfix 2.3 and later.
conditional relay with credential based on domain recipient
Hi, due to problem to send to outlook.com domains with my postfix, i'd like postfix act as smtp client with my email provider smtp server using the sender credentials. For example: 1) pi...@mydomain.com - u...@anydomain.com, send directly 2) pi...@mydomain.com - u...@outlook.com, send through smtp.myproviderdomain.com using credential pi...@mydomain.com / password 3 ) pl...@mydomain.com - u...@outlook.com, send through smtp.myproviderdomain.com using credential pl...@mydomain.com / password There are some options to do it? Thank a lot Ediconsul Informatica S.r.l. System Administrator Gianluca Gargiulo e-mail: ggargi...@ediconsul.it Tel: 081.3176326 | Fax: 081.3415110 Avvertenze ai sensi del D.lgs. 196/2003 Tutte le informazioni contenute nella presente e-mail sono riservate esclusivamente al destinatario. È proibito a chiunque legga la presente comunicazione, che non sia l’effettivo destinatario, qualsiasi uso, copia, distribuzione e/o divulgazione di quanto in essa contenuto. Se questa comunicazione è pervenuta per errore, si è tenuti ad informare il mittente con sollecitudine e distruggere l’intera e-mail.
Re: conditional relay with credential based on domain recipient
Gianluca Gargiulo: Hi, due to problem to send to outlook.com domains with my postfix, i'd like postfix act as smtp client with my email provider smtp server using the sender credentials. Maybe you can store the credential in smtp_sasl_password_maps and set smtp_sender_dependent_authentication = yes. Then, the password file is searched by the sender email address instead of the server name or domain. Wietse smtp_sender_dependent_authentication (default: no) Enable sender-dependent authentication in the Postfix SMTP client; this is available only with SASL authentication, and disables SMTP connec- tion caching to ensure that mail from different senders will use the appropriate credentials. This feature is available in Postfix 2.3 and later.
Re: conditional relay with credential based on domain recipient
but i want that postfix acts as smtp client only for outlook.com domains, not ever. Where i set this conditions? - Messaggio originale - Da: Wietse Venema wie...@porcupine.org A: Postfix users postfix-users@postfix.org Inviato: Venerdì, 20 febbraio 2015 14:29:46 Oggetto: Re: conditional relay with credential based on domain recipient Wietse Venema: Gianluca Gargiulo: Hi, due to problem to send to outlook.com domains with my postfix, i'd like postfix act as smtp client with my email provider smtp server using the sender credentials. Maybe you can store the credential in smtp_sasl_password_maps and set smtp_sender_dependent_authentication = yes. Then, the password file is searched by the sender email address instead of the server name or domain. Correction: Postfix will first search with the sender address, and if no result is found, with the server name or next-hop domain name. Wietse smtp_sender_dependent_authentication (default: no) Enable sender-dependent authentication in the Postfix SMTP client; this is available only with SASL authentication, and disables SMTP connec- tion caching to ensure that mail from different senders will use the appropriate credentials. This feature is available in Postfix 2.3 and later.
removing header of originating smtp from relayed mail
Hi, I am using a postfix as relay for email sent from an hoster that close the port 25, so I send the mail to the relayer through the 10025 port. but the IP of the originating server appear in the header of the mail and I would like to remove it : source server ---10025--- relayer ---25--- FAI just showing the relayer ip and hostname, I have access to both config files, is this possible ? Thanks for your help. Stéphane PS : sorry for my english
Re: removing header of originating smtp from relayed mail
On 2/20/2015 5:12 PM, Stéphane MERLE wrote: Hi, I am using a postfix as relay for email sent from an hoster that close the port 25, so I send the mail to the relayer through the 10025 port. but the IP of the originating server appear in the header of the mail and I would like to remove it : source server ---10025--- relayer ---25--- FAI just showing the relayer ip and hostname, I have access to both config files, is this possible ? Thanks for your help. Stéphane PS : sorry for my english You can use a header_checks rule with the IGNORE result to remove the offending header. This must be done on the relayer server, which is where that header is added. Make your header_checks rule as specific as possible so you don't unintentionally remove other headers. -- Noel Jones
Postfix nolisting setup
Good afternoon all, I am considering setting up a nolisting postfix server on a spare static IP so as to study the effects of nolisting for some heavy domains we host (3k total msgs/day, 200 legit). This server will sit at both the highest priority and the lowest priority, with the real MX in the middle. The nolisting spec says that nothing should answer on port 25 but I would like it to answer and respond with a not available error, so that I could compare connections between the nolisting MX and the actual MX. What would be the most effective configuration to accomplish this task? Thank you in advance, Isaac Grover
Re: Postfix nolisting setup
On Fri, Feb 20, 2015 at 05:05:50PM -0600, Isaac Grover wrote: I am considering setting up a nolisting postfix server on a spare static IP so as to study the effects of nolisting for some heavy domains we host (3k total msgs/day, 200 legit). This server will sit at both the highest priority and the lowest priority, with the real MX in the middle. The nolisting spec says that nothing should answer on port 25 but I would like it to answer and respond with a not available error, so that I could compare connections between the nolisting MX and the actual MX. What would be the most effective configuration to accomplish this task? smtpd_recipient_restrictions = defer -- Viktor.
Re: conditional relay with credential based on domain recipient
Gianluca Gargiulo: but i want that postfix acts as smtp client only for outlook.com domains, not ever. Where i set this conditions? Set up an smtp-auth delivery agent that is used for outlook.com. and enable client-side SASL for the smtp-auth delivery agent only. /etc/postfix/main.cf: transport_maps = hash:/etc/postfix/transport /etc/postfix/transport: # Execute postmap hash:/etc/postfix/transport after changing # this file. outlook.comsmtp-auth: /etc/postfix/master.cf # Execute postfix reload after changing this file. # Note: no space around =. smtp-authinet n - n - - smtpd -o smtp_sender_dependent_authentication=yes -o smtp_sasl_password_maps=hash:/etc/postfix/transport This is an untested example. It should be close. Wietse - Messaggio originale - Da: Wietse Venema wie...@porcupine.org A: Postfix users postfix-users@postfix.org Inviato: Venerd?, 20 febbraio 2015 14:29:46 Oggetto: Re: conditional relay with credential based on domain recipient Wietse Venema: Gianluca Gargiulo: Hi, due to problem to send to outlook.com domains with my postfix, i'd like postfix act as smtp client with my email provider smtp server using the sender credentials. Maybe you can store the credential in smtp_sasl_password_maps and set smtp_sender_dependent_authentication = yes. Then, the password file is searched by the sender email address instead of the server name or domain. Correction: Postfix will first search with the sender address, and if no result is found, with the server name or next-hop domain name. Wietse smtp_sender_dependent_authentication (default: no) Enable sender-dependent authentication in the Postfix SMTP client; this is available only with SASL authentication, and disables SMTP connec- tion caching to ensure that mail from different senders will use the appropriate credentials. This feature is available in Postfix 2.3 and later.
Re: Add header based on number of recipients
smtpd_data_restrictions fixed my issue and I see the header now. Thank you. On Thu, Feb 19, 2015 at 7:05 PM, Wietse Venema wie...@porcupine.org wrote: Dave Jones: Feb 19 16:55:12 smtp1 postfwd[27034]: [RULES] rule=4, id=RCPTCNT1, queue=C2B7433E7CE, client=unknown[172.27.0.203], sender= r...@server1.example.com, recipient=r...@example.com, helo= server1.example.com, proto=ESMTP, state=END-OF-MESSAGE, delay=0.00s, hits=RCPTCNT1, action=PREPEND X-Rcpt-Count: test Please pay attention to this fragment from the access(5) manpage: PREPEND headername: headervalue Prepend the specified message header to the message. When more than one PREPEND action executes, the first prepended header appears before the second etc. prepended header. Note: this action must execute before the message content is received;itcannotexecuteinthe context of smtpd_end_of_data_restrictions. Try using it in smtpd_data_restrictions. In fact, Postfix will log a warning if you use PREPEND in smtpd_end_of_data_restrictions, with this code fragment: if (strcmp(state-where, SMTPD_AFTER_DOT) == 0) { msg_warn(access table %s: action PREPEND must be used before %s, table, VAR_EOD_CHECKS); return (SMTPD_CHECK_DUNNO); } The warning should look like this: warning: access table XXX: action PREPEND must be used before smtpd_end_of_data_restrictions Wietse
Re: Postfix migration from 2.0 to 2.6.6
On Fri, Feb 20, 2015 at 11:15:58AM +0100, Zalezny Niezalezny wrote: I dont want to route any E-mails. I simply would like to stop old server, tar everything in the proper way and migrate on the new host. This is my target. Letting the legacy queue drain, either to the users mailboxes or to the new servers as smarthosts, is the preferred approach. Disable external input: smtpd_recipient_restrictions = defer Then if anything still remains in the queue (typically a few outbound bounces to dead destinations), if desired punt already queued mail to the new servers: new server: mynetworks = 127.0.0.1, ip-addresses-of-old-servers old servers: default_transport = smtp:[newsmtp.example.com] local_transport = $default_transport virtual_transport = $defaul_transport relay_transport = $default_transport Then flush the queues on the old servers. Moving the files can be done, but can be difficult to do right. Especially if the destination queues are not initially empty. The hard part is mailstore migration not mail queue migration, mail queues are best left to just drain after shutting off input. -- Viktor.