Keep Postfix running in the foreground

2017-09-26 Thread A Debian User 
Hello,

I am currently having trouble to get postfix running in a Docker Container.

Docker requires a Process to stay alive and in foreground at ID 1, if
not the container dies.

Is there any way to make it stay in the foreground, like it is possible
for instance with _/apachectl -DFOREGROUND/_ (Without scripts,
supervisor, ...)?

Many thanks for helpful replies in advance!

Re: Keep Postfix running in the foreground

2017-09-26 Thread Wietse Venema 
A Debian User:
> Hello,
> 
> I am currently having trouble to get postfix running in a Docker Container.
> 
> Docker requires a Process to stay alive and in foreground at ID 1, if
> not the container dies.
> 
> Is there any way to make it stay in the foreground, like it is possible
> for instance with _/apachectl -DFOREGROUND/_ (Without scripts,
> supervisor, ...)?
> 
> Many thanks for helpful replies in advance!

That is not currently supported. You are welcome to send a patch
for the postfix-script file, for example to implement a "run"
command.  I don't see, however, how one would use this to implement
other management commands (postfix reload, postconf -e, postsuper,
etc.).

Wietse

Re: Bombarded With Spam

2017-09-26 Thread Kirk Bocek 



On 9/25/2017 7:34 AM, Benny Pedersen wrote:

Kirk Bocek skrev den 2017-09-25 16:04:


So I need to receive email from bocek.org and then relay it elsewhere.
That's why I put that there. Is that wrong?


yes each domain must not be listed in both places, sinc postfix need 
to know how to deliver and route it to there destinations


dont fokus on sender access yet, fokus on recipient works before solve 
sender access




Thank you Benny and Wietse. Things are better now. However I have lots 
of log entries like:


Sep 26 11:57:52 amber postfix/smtpd[11213]: NOQUEUE: reject: RCPT from 
unknown[10.0.2.1]:
554 5.7.1 : Sender address rejected: No 
Spam; from=
r...@wysina.com.tw> to= proto=SMTP helo=

First off, at what stage is this rejection happening? Obviously, I want 
it to happen during HELO to keep the bandwidth down.


Second, this server is sitting behind a firewall (10.0.2.1). Is there 
anyway to get the sending IP address instead of the firewall?

Re: Keep Postfix running in the foreground

2017-09-26 Thread Viktor Dukhovni 

> On Sep 26, 2017, at 3:21 PM, A Debian User  
> wrote:
> 
> Hello,
> 
> I am currently having trouble to get postfix running in a Docker Container.
> 
> Docker requires a Process to stay alive and in foreground at ID 1, if not the 
> container dies.
> 
> Is there any way to make it stay in the foreground, like it is possible for 
> instance with apachectl -DFOREGROUND (Without scripts, supervisor, ...)?
> 
> Many thanks for helpful replies in advance!

This is not supported or easy.  In multi-instance deployments Postfix
runs multiple independent master(8) processes.  None of them would be
a natural distinguished foreground top-level process.  There's no
"meta-master" that sticks around to manage all the underlying masters.

Even in a single-instance deployment, I don't see a suitable master(8)
option for staying in the foreground.  You might just need a dummy
process that launches Postfix as a background child process, and sticks
around forever, perhaps periodically trying to lock  the master lock
file and exiting if the lock is available.  This assumes that Docker
permits running background processes.  If not, then Postfix is not
a docker-compatible application.

-- 
Viktor.

Re: Copying IMAP messages instead of Forwarding?

2017-09-26 Thread @lbutlr 

On Sep 25, 2017, at 10:23 AM, Robert Schetterer  wrote:
> https://sys4.de/de/blog/2014/01/12/imap-weiterleitungen-mit-pop3toimap-als-ersatz-fur-smtp-weiterleitungen/

No English version of that, but I'll feed it to google translate and see if it 
looks workable.

-- 
Apple broke AppleScripting signatures in Mail.app, so no random signatures.

Re: Copying IMAP messages instead of Forwarding?

2017-09-26 Thread @lbutlr 
On Sep 25, 2017, at 9:55 AM, Harald Koch  wrote:
> I've been using postsrsd (https://github.com/roehling/postsrsd) successfully 
> to forward email in a similar situation - users with addresses on my box that 
> they want to be forwarded to a Gmail account. It has obvious downsides, but 
> it did solve the problem in my specific case, where google was rejecting ~20% 
> because of SPF failures.

Thanks, that looks promising.


-- 
Apple broke AppleScripting signatures in Mail.app, so no random signatures.

RESOLVED: RE: wrong From: and Return Path: address

2017-09-26 Thread Michael Fox 
> > Michael Fox skrev den 2017-09-21 19:52:
> > > I have a problem that seems to have started when I upgraded from
> Ubuntu
> > > 14.04/Postfix 2.11.0 to Ubuntu 16.04/Postfix 3.1.0.  It involves the
> > > From:
> > > and Return Path: addresses seen by recipients of mail sent from a
> > > virtual
> > > domain on that machine.

This problem turned out to be a DNS issue.  The Postfix 3.1.0 machine's
virtual domain in the From: address was entered in DNS with a CNAME record
pointing to the gateway machine (because they are, indeed, the same
address).  When it was changed to an A record, the problem went away.
Evidently, the user that was certain that the problem only started after the
upgrade was, uhm, mistaken.  The problem also didn't occur on a separate
Postfix 2.11 machine because it's DNS entry was correct.  

BTW, the mail provider found that the default sendmail config and their own
customized config both rewrote the From: header when the From: address was
for a domain that had a CNAME record.  They said this is a config option in
sendmail and they prefer to operate this way.  Interesting that my other
Postfix machines don't do this, nor do many other large email providers.

Michael

Re: RESOLVED: RE: wrong From: and Return Path: address

2017-09-26 Thread Viktor Dukhovni 

> On Sep 26, 2017, at 11:23 PM, Michael Fox  wrote:
> 
> BTW, the mail provider found that the default sendmail config and their own
> customized config both rewrote the From: header when the From: address was
> for a domain that had a CNAME record.  They said this is a config option in
> sendmail and they prefer to operate this way.  Interesting that my other
> Postfix machines don't do this, nor do many other large email providers.

This is an obsolete option in Sendmail that violates decades old SMTP
standards, CNAME canonicalization of recipient domains went away in
RFC 2821 and there are many email domains that are aliases where the
mailbox address is expected to remain unmangled by CNAME expansion of
the domain part.  The operators of the sending system are stuck in the
distant past.

-- 
Viktor.