On Sun, Jun 23, 2024 at 06:06:40PM +, Дилян Палаузов wrote:
> «sendmail -v myself@domain» however hangs.
Of course it does, it is waiting to read the message headers and body
from standard input as expected.
> until I press Ctrl+C. This is Postfix 3.4.13. On Postfix 2.11 the
> same
> You could of course populate:
>
> /var/spool/ccerts//chain.pem
Thanks, that's perfect. Each PHP pool runs as a separate user and that'd
provide equivalent accountability to SO_PEERCRED.
It's never worth it until you get victimized by StealRat or some other
piece of malicious code that
On Thu, Jul 23, 2020 at 07:36:01PM -0500, Matt Saladna wrote:
> > Replace local submission with some IPC-based mechanism, e.g. SMTP.
>
> If my understanding is correct, submitting via SMTP would require
> credentials then to avoid anonymity of TCP unless there's a specific
> service that
fix.
Is there an existing solution that would then act as the following?
Something to pass along auth data in the request without requiring ESMTPA.
program => "smtp" binary => unix socket => incoming postdrop manager =>
postdrop => Postfix
- Matt
On 7/23/2020 7:23 PM, Viktor
id with /usr/sbin/postdrop. postdrop hangs indefinitely unable to
> send its input to Postfix. As an example on CentOS 8 this breaks,
Local mail submission via sendmail(1) *requires* that postdrop(1)
be able to run setgid. If you're going to prevent that, then you
need to submit email
Hi all,
Bit of a pickle here with systemd in CentOS 8. Certain protective
directives, such as DynamicUser= or PrivateDevices=yes implicitly sets
NoNewPrivileges=true (systemd/systemd #12476). In turn that's blocking
setgid with /usr/sbin/postdrop. postdrop hangs indefinitely unable to
send
y tinker with internal protocols, when you can use
> > > documented features?
> >
> > Hm... that you for a hint. This wrapper is easier to implement as
> > wrapper for postdrop.
> >
> > I chose postdrop as I understood that this is the last application in
>
. that you for a hint. This wrapper is easier to implement as
> wrapper for postdrop.
>
> I chose postdrop as I understood that this is the last application in
> "pipeline" which has information about unix before email is put into
> queue.
It's almost the last pr
On Saturday 12 January 2019 18:55:32 Wietse Venema wrote:
> Wietse Venema:
> > Pali Roh?r:
> > > Meanwhile I decoded postdrop protocol and come up with more easier
> > > solution:
> >
> > That is an internal protocol. Programs that depend on this
> &g
Wietse Venema:
> Pali Roh?r:
> > Meanwhile I decoded postdrop protocol and come up with more easier
> > solution:
>
> That is an internal protocol. Programs that depend on this
> are NOT SUPPORTED and will break.
Why not add the extra recipient on the SENDMAIL command
Pali Roh?r:
> Meanwhile I decoded postdrop protocol and come up with more easier
> solution:
That is an internal protocol. Programs that depend on this
are NOT SUPPORTED and will break.
Wietse
On Saturday 12 January 2019 18:14:39 Viktor Dukhovni wrote:
> > On Jan 12, 2019, at 6:02 PM, Pali Rohár wrote:
> >
> > Meanwhile I decoded postdrop protocol and come up with more easier
> > solution:
> >
> > I renamed postdrop binary to postdrop.real and imp
> On Jan 12, 2019, at 6:02 PM, Pali Rohár wrote:
>
> Meanwhile I decoded postdrop protocol and come up with more easier
> solution:
>
> I renamed postdrop binary to postdrop.real and implemented simple
> postdrop wrapper which reads stdin, injects "R" command
really possible for milter to get unix user who invoked
> > postdrop or sendmail wrapper? If yes, how? Because I thought that milter
> > operates on SMTP where is no unix user anymore...
>
> Postfix supports non-SMTP milters. The user's UID is recorded by
> pickup(8) in the top
> On Jan 12, 2019, at 5:31 PM, Pali Rohár wrote:
>
> If you mean external content filters, I wanted to avoid using them.
Sometimes you need to bring out the sledgehammer.
> And it is really possible for milter to get unix user who invoked
> postdrop or sendmail wrapper? If ye
On Saturday 12 January 2019 16:48:24 Viktor Dukhovni wrote:
> > On Jan 12, 2019, at 1:50 PM, Pali Rohár wrote:
> >
> > Is there any option for postdrop which may be equivalent to
> > smtpd_sender_login_maps option used for sasl?
>
> No, because there's no workable
> On Jan 12, 2019, at 1:50 PM, Pali Rohár wrote:
>
> Is there any option for postdrop which may be equivalent to
> smtpd_sender_login_maps option used for sasl?
No, because there's no workable way to reject local submission, so
all you can do is accept and perhaps rewrit
Hello!
Is there any option for postdrop which may be equivalent to
smtpd_sender_login_maps option used for sasl?
I have postfix submission configured with
-o smtpd_sender_restrictions=reject_sender_login_mismatch,permit
-o smtpd_sender_login_maps=hash:/my/file
to ensure that authenticated user
Vincent Lefevre:
[ Charset ISO-8859-1 converted... ]
> On 2017-07-20 06:55:33 -0400, Wietse Venema wrote:
> > Vincent Lefevre:
> > > Jul 20 11:18:11 zira postfix/postdrop[13399]: warning: mail_queue_enter:
> > > create file maildrop/634289.13399: Permission denied
>
On 2017-07-20 06:55:33 -0400, Wietse Venema wrote:
> Vincent Lefevre:
> > Jul 20 11:18:11 zira postfix/postdrop[13399]: warning: mail_queue_enter:
> > create file maildrop/634289.13399: Permission denied
>
> Someone goofed up while playing around as root.
I'm the only ro
Vincent Lefevre:
> Jul 20 11:18:11 zira postfix/postdrop[13399]: warning: mail_queue_enter:
> create file maildrop/634289.13399: Permission denied
Someone goofed up while playing around as root.
To fix, execute "postfix set-permissions".
Wietse
the usual
"/usr/sbin/sendmail -oem -oi" command), it was hanging, and ps showed
that it was due to postdrop, which was hanging. There was no such
problem when I sent a mail 20 minutes before. /var/log/mail.log
contained a succession of
warning: mail_queue_enter: create file maildrop/...:
Kent:
> Hi Wietse,
>
> Thanks - as per my last e-mail, I am getting the errors back.
> It's just the warnings I'm not getting back.
If you are concerned about mistakes, sendmail command line is not
the whole story. There is a lot more that can go wrong.
The MAILLOG file has a complete(*)
Hi Wietse,
Thanks - as per my last e-mail, I am getting the errors back. It's just the
warnings I'm not getting back.
But, I can live with this as the warnings will be my coding errors - so apart
from my test with intentional issues, it hopefully shouldn't happen.
cheers
Kent.
> On
Hi Wietse,
Further to below - after more testing I am getting errors, but not warnings. I
don't know where they are going, but I'm not getting them back at all.
eg. If I call:
> /usr/sbin/sendmail.postfix -g
> sendmail.postfix: invalid option -- 'g'
> sendmail.postfix: invalid option -- 'g'
>
Hi Wietse,
Thanks for your guidance so far.
I'm trying to use the postfix sendmail command line - and have this working
(code is still rough). However, I'm now trying to get any output from the
command.
To simulate an error, I've intentionally added an invalid -N option - which in
my
Kent:
> Hi Wietse,
>
> Okay - I think I've worked out the answer to my second question if I use the
> sendmail command line, with the -N option.
>
> > /usr/sbin/sendmail.postfix -f t...@dev.kamar.kiwi.nz -N 'success, delay,
> > failure' k...@kamar.nz < tmp
>
> Reading through documentation /
Hi Wietse,
Okay - I think I've worked out the answer to my second question if I use the
sendmail command line, with the -N option.
> /usr/sbin/sendmail.postfix -f t...@dev.kamar.kiwi.nz -N 'success, delay,
> failure' k...@kamar.nz < tmp
Reading through documentation / mailing lists, it
Hi Wietse,
Thanks - I'll stop trying to attempt to do it this way then.
The SMTP approach does have the advantage of realtime feedback on the 'rcpt
to:' being accepted and I can spread the load across multiple threads /
connections.
Next question: Is there a way to get a 'delivered'
Kent:
> Hi All,
>
> I have a MongoDB with a set of e-mails that I want to send. I want to be
> able to track their delivery / bounce / delayed status - plus link any
> replies back to the original e-mail.
>
> I have already written a c++ service to handle incoming e-mails (by piping
> the
n data, record type 70 length 114
> Jun 1 22:05:29 mx02 postfix/pickup[30400]: warning: uid=0: unexpected or
> malformed record type -2
So, I've tried to use postdrop < tmp1, however this keeps rejecting my file
with unexpected EOF and malformed input:
> Jun 1 22:31:15 mx02 post
Quanah Gibson-Mount:
> I've seen issues with postdrop for years, complaining that about permission
> denied errors, such as:
>
> postfix/postdrop[4158]: warning: mail_queue_enter: create file
> maildrop/768314.4158: Permission denied
>
> I'm not entirely clear
--On Thursday, December 10, 2015 2:27 PM -0500 Wietse Venema
wrote:
Really, it is as simple as a user-land program that calls open()
and gets access denied by the kernel. If that is not 100% reproducible
then you have a flaky kernel, a flaky file system, or some
Quanah Gibson-Mount:
> --On Thursday, December 10, 2015 2:27 PM -0500 Wietse Venema
> wrote:
>
> > Really, it is as simple as a user-land program that calls open()
> > and gets access denied by the kernel. If that is not 100% reproducible
> > then you have a flaky kernel,
--On Thursday, December 10, 2015 4:35 PM -0500 Wietse Venema
wrote:
If some breakage is specific to one software distribution, then I
would investigate the distribution, instead of blaming the messenger.
You could investigate whether AppArmor has a problem with set-gid
I've seen issues with postdrop for years, complaining that about permission
denied errors, such as:
postfix/postdrop[4158]: warning: mail_queue_enter: create file
maildrop/768314.4158: Permission denied
I'm not entirely clear why they occur. It seems related to postfix being
stopped while
n to the way in which Zimbra
installed packages. There was a few minutes in which postqueue/postdrop
had the wrong permissions, and could get triggered via sendmail for system
mail. Since we're completely reworking how we do packaging, this is now
fixed going forward for Zimbra.
--Quanah
--
Q
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/08/2015 12:07 AM, Patrick Ben Koetter wrote:
On SUSE Postfix packages come with different user/group settings.
Seems like your main.cf does not reflect these requirements:
setgid_group = maildrop mail_owner = postfix
Those are the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/08/2015 12:23 AM, Viktor Dukhovni wrote:
The postdrop(1) executable must be installed setgid() to the group
corresponding to the main.cf setgid_group parameter. This group
must have write access to the maildrop queue sub-directory.
$ ll
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/07/2015 11:20 PM, James Moe wrote:
postdrop: warning: mail_queue_enter: create file
maildrop/546331.4026: Permission denied
After checking the settings in main.cf and running postifx
set-permissions, this problem has gone away.
Thank you
* James Moe ji...@sohnen-moe.com:
opensuse 13.2
linux 3.16.7-7-desktop x86_64
postfix 2.11.0-5.2.2
I create a message using the mail command. When it is sent, the
message below appears every 10 seconds. The same message is in
/var/log/mail.err. I presume postdrop is a part of the postfix
Can you post the output of ls -l /var/spool/postfix please?
Btw, for me it is:
drwx-wx--T 2 postfixpostdrop 4096 Feb 8 07:29 maildrop
André
Am So., Febr. 8, 2015 07:20 schrieb James Moe :
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 opensuse 13.2 linux
3.16.7-7-desktop
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
opensuse 13.2
linux 3.16.7-7-desktop x86_64
postfix 2.11.0-5.2.2
I create a message using the mail command. When it is sent, the
message below appears every 10 seconds. The same message is in
/var/log/mail.err. I presume postdrop is a part
On Sat, Feb 07, 2015 at 11:20:16PM -0700, James Moe wrote:
postdrop: warning: mail_queue_enter: create file maildrop/546331.4026:
Permission denied
The postdrop(1) executable must be installed setgid() to the group
corresponding to the main.cf setgid_group parameter. This group
must have
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
All of a sudden, I'm getting a blizzard of these messages in my logs:
postfix/postdrop[23453]: warning: mail_queue_enter: create file
maildrop/558196.23453: Permission denied
Some mail seems to not be making it through. I haven't touched
David Benfell:
Hi,
All of a sudden, I'm getting a blizzard of these messages in my logs:
postfix/postdrop[23453]: warning: mail_queue_enter: create file
maildrop/558196.23453: Permission denied
Someone removed the set-gid bits from /usr/sbin/postdrop and
/usr/sbin/postqueue?
Execute
On Wed, Aug 31, 2011 at 07:58:55PM -0400, Wietse Venema wrote:
This is extremely difficult to reproduce, but it does happen occasionally
-- We will tell postfix to stop, and once that is complete, a postdrop
process will sometimes remain, and will run until it is manually killed
--On Thursday, September 01, 2011 2:03 PM -0400 Victor Duchovni
victor.ducho...@morganstanley.com wrote:
So the question is what is it that is causing postdrop to loop while
trying to create the queue file?
/*
* Create a file with a temporary name that does not collide. The
process
Victor Duchovni:
On Wed, Aug 31, 2011 at 07:58:55PM -0400, Wietse Venema wrote:
This is extremely difficult to reproduce, but it does happen occasionally
-- We will tell postfix to stop, and once that is complete, a postdrop
process will sometimes remain, and will run until
On Thu, Sep 01, 2011 at 11:26:48AM -0700, Quanah Gibson-Mount wrote:
msg_warn(%s: create file %s: %m, myname, STR(temp_path));
Are the create file warnings found in the system log?
Yes:
Mar 22 19:24:52 domain postfix/postdrop[3624]: warning:
mail_queue_enter: create file
This is extremely difficult to reproduce, but it does happen occasionally
-- We will tell postfix to stop, and once that is complete, a postdrop
process will sometimes remain, and will run until it is manually killed.
Is this an expected behavior of postdrop -- That after the master postfix
Quanah Gibson-Mount:
This is extremely difficult to reproduce, but it does happen occasionally
-- We will tell postfix to stop, and once that is complete, a postdrop
process will sometimes remain, and will run until it is manually killed.
Is this an expected behavior of postdrop
--On Wednesday, August 31, 2011 7:58 PM -0400 Wietse Venema
wie...@porcupine.org wrote:
Quanah Gibson-Mount:
This is extremely difficult to reproduce, but it does happen
occasionally -- We will tell postfix to stop, and once that is
complete, a postdrop process will sometimes remain
sending mail with mutt started failing yesterday with:
postdrop: fatal: getrlimit: Operation not permitted
sendmail: warning: command /usr/sbin/postdrop -r exited with status 1
sendmail: fatal: rthompso(303): unable to execute /usr/sbin/postdrop -r: Success
I'm running gentoo, and tend to keep my
Reid Thompson:
sending mail with mutt started failing yesterday with:
postdrop: fatal: getrlimit: Operation not permitted
Do you have AppArmor/SeLinux/other security software enabled?
Wietse
On 2/9/2011 11:33 AM, Reid Thompson wrote:
sending mail with mutt started failing yesterday with:
postdrop: fatal: getrlimit: Operation not permitted
sendmail: warning: command /usr/sbin/postdrop -r exited with status 1
sendmail: fatal: rthompso(303): unable to execute /usr/sbin/postdrop -r
On 02/09/2011 11:39 AM, Wietse Venema wrote:
Reid Thompson:
sending mail with mutt started failing yesterday with:
postdrop: fatal: getrlimit: Operation not permitted
Do you have AppArmor/SeLinux/other security software enabled?
Wietse
not intentionally -- ;) i've been using
On 02/09/2011 12:36 PM, Brian Evans - Postfix List wrote:
On 2/9/2011 11:33 AM, Reid Thompson wrote:
sending mail with mutt started failing yesterday with:
postdrop: fatal: getrlimit: Operation not permitted
sendmail: warning: command /usr/sbin/postdrop -r exited with status 1
sendmail: fatal
On 02/09/2011 12:36 PM, Brian Evans - Postfix List wrote:
On 2/9/2011 11:33 AM, Reid Thompson wrote:
This was one symptom caused by updating glibc to 2.13
(http://bugs.gentoo.org/show_bug.cgi?id=354041)
There seems to be a lot of issues with glibc 2.13, particularly on
32-bit x86 and
On 02/09/2011 12:57 PM, Reid Thompson wrote:
On 02/09/2011 12:36 PM, Brian Evans - Postfix List wrote:
On 2/9/2011 11:33 AM, Reid Thompson wrote:
sending mail with mutt started failing yesterday with:
postdrop: fatal: getrlimit: Operation not permitted
sendmail: warning: command /usr/sbin
Reid Thompson:
sending mail with mutt started failing yesterday with:
postdrop: fatal: getrlimit: Operation not permitted
Wietse:
Do you have AppArmor/SeLinux/other security software enabled?
Reid Thompson:
not intentionally -- ;) i've been using this system for several
years
On 02/09/2011 01:07 PM, Reid Thompson wrote:
I am running 2.13 glibc as of yesterday which does appear to coincide with my
issue
Wietse/Brian, thanks for the insight.
Luckily it appears that I have only a hand full of non-essential packages built
against the new glibc.
That being the case,
can be easily forged.
So I'm looking for a different way, and found Postdrop does have a
authorized_submit_users parameter.
The idea was to have that call a MySQL stored function that administers the
number of sent messages in the database, and returns a boolean indicating
wheter the user
, and the
sender field can be easily forged.
The policy server is for SMTP mail.
postdrop is for the Postfuix sendmail command (i.e. local submission).
So I'm looking for a different way, and found Postdrop does have a
authorized_submit_users parameter.
The idea was to have that call a MySQL
Floris Bos:
authorized_submit_users=mysql:/etc/postfix/mysql_outgoing_limit.cf
==
it gives an error when trying to send mail:
==
sendmail: fatal: unsupported dictionary type: mysql
This means that MySQL support is not compiled into your Postfix
sendmail command.
Wietse
. with
relay_domains), and ldd shows sendmail is linked to libmysqlclient as well
(just as postdrop).
So it's not like the sendmail binary came from a different build, or anything.
==
# which sendmail
/usr/sbin/sendmail
# ldd /usr/sbin/sendmail
libmysqlclient.so.15 = /usr/local/lib/mysql
Floris Bos:
sendmail: fatal: unsupported dictionary type: mysql
This means that MySQL support is not compiled into your Postfix
sendmail command.
Do I need any special compile option other than the standard -DHAS_MYSQL (and
include/library directory) to get the support into
would have to be able to read
your *SQL etc. password.
Wouldn't it be possible to have the check only done in the postdrop executable
and not in sendmail?
Could make the configuration only readable by the maildrop group then.
--
Yours sincerely,
Floris Bos
Floris Bos:
[ Charset ISO-8859-1 unsupported, converting... ]
Hi,
On Sunday, January 09, 2011 09:34:10 pm Wietse Venema wrote:
Floris Bos:
sendmail: fatal: unsupported dictionary type: mysql
This means that MySQL support is not compiled into your Postfix
sendmail command.
Hi all!
i've created jail on FreeBSD system and put postifx into it.
When i'm in jail and want to send mail i've got many such errors:
Apr 21 16:30:49 rt postfix/postdrop[7852]: warning: mail_queue_enter:
create file maildrop/103703.7852: Permission denied
Apr 21 16:31:14 rt postfix/postdrop[7980
peceka:
Hi all!
i've created jail on FreeBSD system and put postifx into it.
When i'm in jail and want to send mail i've got many such errors:
Apr 21 16:30:49 rt postfix/postdrop[7852]: warning: mail_queue_enter:
create file maildrop/103703.7852: Permission denied
You broke the file
Hi,
What is the proper command that a client can use to send an email using
Postfix? Searching through some old posts, I believe the postdrop command is
not intended to be used by client software. Is that correct?
I have seen references to sendmail but I am not sure if it refers
* Port Able ablep...@yahoo.com:
Hi,
What is the proper command that a client can use to send an email using
Postfix?
sendmail
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203
Port Able:
Hi,
What is the proper command that a client can use to send an email
using Postfix?? Searching through some old posts, I believe the
postdrop command is not intended to be used by client software.?
Is that correct??
You use the Postfix sendmail command.
Wietse
destination is an email address that is
on the same server (i.e. a user that returns non-null in the
mysql_local.cfquery).
I'm pretty sure that all the mail I want to send to the relay is coming to
postfix through the sendmail-postdrop-maildrop-pickup-cleanup path,
whereas all the mail that I want
the mail I want to send to the relay is coming
to postfix through the sendmail-postdrop-maildrop-pickup-cleanup
path, whereas all the mail that I want delivered locally will come over
smtpd. So I was thinking I could just override default_transport or
transport_maps for pickup or cleanup. However
On Thu, Nov 12, 2009 at 04:04:59PM -0500, Mark Washenberger wrote:
The low-brow workaround did the trick. I'm sure the other would have worked
as well, but I'm looking forward to not setting up more instances :-)
The complexity of multiple instances (with Postfix 2.6 and later) is
largely
Hello,
I would like to block emails to particular recipient.
check_recipient_access map works fine for emails sent through SMTP but
it doesn't seem to work when sending email locally e.g. using command:
$ echo | mail -s TEST u...@domain.com
I figured out workaround:
1. create alias in alias map
Marcin Hlybin:
Hello,
I would like to block emails to particular recipient.
check_recipient_access map works fine for emails sent through SMTP but
it doesn't seem to work when sending email locally e.g. using command:
$ echo | mail -s TEST u...@domain.com
None of the smtpd_mumble features
Hi,
I get this error when I tried to send a mail via postdrop.
vhs3:~# cat signedmail.txt | postdrop
queue_id4BAE870402Fpostdrop: fatal: uid=0: unexpected record type: 68
The signedmail.txt contains the following (edited)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; snip
Return-Path: [EMAIL
On Thu, Nov 13, 2008 at 5:16 PM, Wietse Venema [EMAIL PROTECTED] wrote:
Rajkumar S:
Hi,
I get this error when I tried to send a mail via postdrop.
vhs3:~# cat signedmail.txt | postdrop
queue_id4BAE870402Fpostdrop: fatal: uid=0: unexpected record type: 68
The postdrop command behaves
Rajkumar S:
Hi,
I get this error when I tried to send a mail via postdrop.
vhs3:~# cat signedmail.txt | postdrop
queue_id4BAE870402Fpostdrop: fatal: uid=0: unexpected record type: 68
The postdrop command behaves as documented.
http://www.postfix.org/postdrop.1.html
In particular, see
Rajkumar S:
On Thu, Nov 13, 2008 at 5:16 PM, Wietse Venema [EMAIL PROTECTED] wrote:
Rajkumar S:
Hi,
I get this error when I tried to send a mail via postdrop.
vhs3:~# cat signedmail.txt | postdrop
queue_id4BAE870402Fpostdrop: fatal: uid=0: unexpected record type: 68
On Thu, Nov 13, 2008 at 9:22 PM, Wietse Venema [EMAIL PROTECTED] wrote:
As documented, postdrop implements a protocol that is internal to
Postfix.
You are therefore not supposed to use it.
Thanks for the clue stick!
raj
.
___
Aug 14 10:49:08 archie sendmail.postfix[18251]: fatal: execvp
/usr/sbin/postdrop: Permission denied
Aug 14 10:49:09 archie postfix/sendmail[18250]: warning: command
/usr/sbin/postdrop -r exited with status 1
Aug
is not delivered. In the log,
I find this complaint, for which I do not know and cannot find a fix.
Any suggestions will be gratefully accepted.
Aug 14 10:49:08 archie sendmail.postfix[18251]: fatal: execvp
/usr/sbin/postdrop: Permission denied
Selinux, Apparmor or some other system call filter
86 matches
Mail list logo