[pfx] Re: userid for file delivery ?

[Markus Schönhaber via Postfix-users]

28.02.24, 19:09 +0100, John Levine via Postfix-users:

> Here's another question that might be answered in the documentation
> but I can't find it.  If I have a file delivery like this in
> the /etc/aliases file
> 
> foo: /a/b/somefile
> 
> what userid writes to the file?  postfix? nobody?
> 
> I realize that for user mailboxes it's the user, but
> in this case, there's no user, just the file.  TIA.
man 5 aliases:

>/file/name
>   Mail  is  appended  to  /file/name. For details on how a
>   file is written see the sections "EXTERNAL  FILE  DELIV‐
>   ERY"  and  "DELIVERY  RIGHTS" in the local(8) documenta‐
>   tion.  Delivery is not limited to  regular  files.   For
>   example,  to  dispose  of  unwanted  mail, deflect it to
>   /dev/null.

man 8 local:

> DELIVERY RIGHTS
>Deliveries to external files and  external  commands  are  made
>with  the  rights of the receiving user on whose behalf the de‐
>livery is made.  In the absence of a user context, the local(8)
>daemon uses the owner rights of the  :include:  file  or  alias
>database.   When those files are owned by the superuser, deliv‐
>ery is made with the rights specified  with  the  default_privs
>configuration parameter.

-- 
Regards
  mks

___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: question regarding postmap -q test

[Markus Schönhaber via Postfix-users]

28.02.24, 09:20 +0100, lists--- via Postfix-users:

> My sender_access file contains
> 
> charity.donation.jp REJECT
> 
> postmap -q charity.donation.jp  hash:sender_access
> REJECT
> 
> So it returns REJECT as expected. However testing some random users at
> the domain:
> 
> postmap -q m...@charity.donation.jp  hash:sender_access
> 
> returns nothing. Is the domain being rejected in actual use even though
> postmap -q testing with a specific user at the domain name doesn't
> return anything?
Look at the fine manual that explains what postmap -q does:

>-q key Search the specified maps for key and write the first value 
> found to the standard output stream. The exit status is zero when the  re‐
>   quested information was found.
> 
>   Note:  this  performs  a single query with the key as 
> specified, and does not make iterative queries with substrings of the key as 
> de‐
>   scribed for access(5), canonical(5), transport(5), virtual(5) 
> and other Postfix table-driven features.

-- 
Regards
  mks

___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: *.mail.protection.outlook.com reporting "452 4.5.3 Too many recipients (AS780090)" for many domains

[Markus Schönhaber via Postfix-users]

11.10.23, 15:06 +0200, Ralf Hildebrandt via Postfix-users:

> Since this morning, various MX hosts in *.mail.protection.outlook.com
> reporting are reporting back temporary errors for us:
> 
> Exhibit A) 
> 
> host ohri-ca.mail.protection.outlook.com[104.47.75.228] said: 452 4.5.3 Too 
> many recipients (AS780090) 
> [YQBCAN01FT018.eop-CAN01.prod.protection.outlook.com 2023-10-11T02:11:41.144Z 
> 08DBC99CDEC51952] (in reply to RCPT TO command)
> (for a mail with 4 recipients, in that particular case)
> 
> Exhibit B)
> 
> host fraport-de.mail.protection.outlook.com[52.101.73.16] said: 451 4.7.500 
> Server busy. Please try again later from [193.175.73.209]. (S77719) 
> [AMS0EPF019E.eurprd05.prod.outlook.com 2023-10-11T01:32:21.804Z 
> 08DBC9B278D9A989] (in reply to end of DATA command)
> (for a single recipient mail)
> 
> This is happening for multiple tenants on *.mail.protection.outlook.com
> Has anybody made similar observations? According to
> https://sendersupport.olc.protection.outlook.com/snds/ : "All of the 
> specified IPs have normal status."

There are multiple reports of this problem with MS servers on the mailop
list and on reddit too.
Solutions for the problem I have seen none yet, though.

-- 
Regards
  mks

___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: Separating logs for smtp and submission traffic

[Markus Schönhaber via Postfix-users]

03.10.23, 17:50 +0200, Dennis Schafroth via Postfix-users:


Long time user of postfix and quite happy one.

However I have not found a postfix feature of separating logs of smtp (port 25) 
and submission (port 587).

My work-around is to link /usr/lib/postfix/sbin/smtpd to 
/usr/lib/postfix/sbin/submission and change master.cf to use submission.

This generates nice logs with   

Oct  3 16:52:53 nuc postfix/submission[3002042]: connect from e 
xample.com[x.x.x.x]

So while this works fine, but is there a postfix way to do this?


Yes, set syslog_name on the corresponding service in master.cf 
accordingly. Postfix, by default, comes with a master.cf where this is 
used for the (maybe commented) submission an submissions service entries:


submission inet n   -   n   -   -   smtpd
  -o syslog_name=postfix/submission
  [...]

--
Regards
  mks

___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] [OT] converting seconds since epoch (was: Maildir filename format)

[Markus Schönhaber via Postfix-users]

31.07.23, 17:39 +0200, Bill Cole via Postfix-users:

1690633510 is the timestamp in "Unix Epoch Seconds." "date -j -f %s 
1690633510" will do the conversion.


You're probably using a BSD-provided date command.

With the date version from the GNU coreutils, one can decode the epoch 
timestamp like this:

date --date='@1690633510'

--
Regards
  mks

___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: Problems connecting to desktop client

[Markus Schönhaber via Postfix-users]

16.07.23, 15:56 +0200, Wolfgang Paul Rauchholz via Postfix-users:


I run my home server under Rocky Linux 9. The server is modem / router and
as such has two firewall interfaces; internal and external.
My domain is wo-lar.com
Postfix and Dovecot are up and running, and I can send and receive emails
from CLI.
But I cannot connect from desktop clients. I get the following error
message: Server message: Can't connect to host "tcp://wo-lar.com:143"

I tried to telnet from my desktop and server. Results are the same

- I always get a connection refused: telnet wo-lar.com 143 telnet /
telnet  143. On server only: telnet 127.0.0.1 143
- telnet wo-lar 143 (without .com!) establishes a conenction
[root@home wp.rauchholz]# telnet wo-lar 143
Trying 79.152.236.25...
Connected to wo-lar.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.


I checked firewalld settings. Port 143 is open on my laptop as well as on
the server
I went through main.cf and verified myorigin, myhostname, mydomain,
myorigin. Domain is spelled correctly in all cases.
  Receiving mail: inet_interfaces is set yo all


All these postfix settings are of no relevance since you're trying to 
connect to (Dovecot's) IMAP port 143.



Where is the mistake hiding?


Probably in your dovecot configuration.

--
Regards
  mks


___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: search for compression switch?

[Markus Schönhaber via Postfix-users]

16.07.23, 13:06 +0200, Maurizio Caloro via Postfix-users:


There's no point in postmap'ing cidr tables.


http://www.postfix.org/POSTSCREEN_README.html
 - Permanent allow/denylist test


Where does this document tell you to postmap a cidr table?


Out of curiosity: what's your use case that requires checking the client's

IP against a 47 MB collection of cidr patterns?

Collection of Blacklisted-IP
Tail -n 5 access
123.180.172.22  REJECT
180.117.134.175 REJECT
117.81.108.85   REJECT
77.79.179.242   REJECT
43.155.159.88   REJECT
[snip]

cat access | wc -l
2'294'583

Yes me problem are that this file are to big for me little system


That doesn't seem too surprising to me. And it might be more useful to 
re-think if that's really the way to achieve whatever your goal is, than 
to look for some kind of table compression.


--
Regards
  mks

___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: search for compression switch?

[Markus Schönhaber via Postfix-users]

16.07.23, 10:05 +0200, Maurizio Caloro via Postfix-users:


when i want to provide the file access via postmap, it inflates to double
size.

please is there a compression switch here?

  


postscreen_access_list = permit_mynetworks,

 cidr:/etc/postfix/whitelistCIDR+IP

 cidr:/etc/postfix/access

  


root postfix  47M Jul 16 08:34 /etc/postfix/access

root postfix  83M Jul 16 08:35 /etc/postfix/access.db


There's no point in postmap'ing cidr tables.

Out of curiosity: what's your use case that requires checking the 
client's IP against a 47 MB collection of cidr patterns?


--
Regards
  mks

___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: postfix delimiter question

[Markus Schönhaber via Postfix-users]

17.05.23, 13:20 +0200, Tom Reed via Postfix-users:


multiple items for a given directive, "," or space or "," + space all are
valid delimiters. Am I right? Such as the following.


Yes. From the doc[1]:
| Specify a list of restrictions, separated by commas
| and/or whitespace.


smtpd_relay_restrictions =
permit_mynetworks,permit_sasl_authenticated,defer_unauth_destination

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
defer_unauth_destination

smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,
defer_unauth_destination


This is invalid nevertheless, because you failed to follow this
| Continue long lines by starting the next line
| with whitespace.
part of the doc[1].

--
Regards
  mks

[1]: 
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: how to implement plus address

[Markus Schönhaber via Postfix-users]

13.05.23, 12:06 +0200, Tom Reed via Postfix-users:


Put the following in /etc/postfix/main.cf:

   recipient_delimiter = +

cheers,
raf



Just FYI;

If you are using dovecot and postfix is handing off delivery to dovecot
(such as LMTP) you also need to make sure that setting is in the dovecot
config or dovecot will backscatter as unknown user.


How to setup dovecot then? Thank you.


Depending on your setup something of this might be relevant:





But that's a topic for the dovecot list.

--
Regards
   mks

___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org