Re: Question about relay_domains parameter
On 11/1/2017 8:41 PM, J Doe wrote: > Hello, > > I currently have my server configured to perform virtual domain hosting. It > forwards mail addressed to addresses for my virtual domain (ex: example.com), > to Gmail accounts. > > Mail —> u...@example.com —> u...@gmail.com > > I was reading more about the relay_domains parameter in “man 5 postconf”. It > states: > > “[specifies] destination domains (and subdomains thereof) this system > will relay mail *TO*” > > I note that on Postfix 3.0 and later (my server is Postfix 3.1.0), this value > defaults to an empty value. When I specify “postconf | grep -i > relay_domains”, I note that if the compatibility_level is 2 or higher (which > my server is configured to), the value defaults to $mydestination. Yes, "relay_domains=$mydestination" was intended to mirror (historical) behavior of sendmail(TM). It has also been a source of confusion, so the default was changed to empty some time ago. > Would I not have to specify the Gmail DNS names in relay_hosts ? Should I > explicitly configure that ? Not unless you own the gmail.com domain. ;) IIRC you're using virtual_alias_maps to rewrite local addresses to gmail addresses. If that's right, your domain should be listed in virtual_alias_domains, with the user mappings listed in virtual_alias_maps. This is covered in ADDRESS_CLASS_README and the config examples. http://www.postfix.org/ADDRESS_CLASS_README.html http://www.postfix.org/STANDARD_CONFIGURATION_README.html http://www.postfix.org/documentation.html -- Noel Jones
Question about relay_domains parameter
Hello, I currently have my server configured to perform virtual domain hosting. It forwards mail addressed to addresses for my virtual domain (ex: example.com), to Gmail accounts. Mail —> u...@example.com —> u...@gmail.com I was reading more about the relay_domains parameter in “man 5 postconf”. It states: “[specifies] destination domains (and subdomains thereof) this system will relay mail *TO*” I note that on Postfix 3.0 and later (my server is Postfix 3.1.0), this value defaults to an empty value. When I specify “postconf | grep -i relay_domains”, I note that if the compatibility_level is 2 or higher (which my server is configured to), the value defaults to $mydestination. I have mydestination configured to “localhost”. How is it, then, that my server is successfully forwarding to Gmail ? Would I not have to specify the Gmail DNS names in relay_hosts ? Should I explicitly configure that ? Thanks, - J
Re: directing logs to remote syslog with any local syslog instance
On Tue, Oct 31, 2017 at 7:35 AM, Wietse Venemawrote: > zhong ming wu: > > On Mon, Oct 30, 2017 at 8:45 AM, Wietse Venema > wrote: > > > > > Wietse Venema: > > > > zhong ming wu: > > > > > Hello, > > > > > I had successfully used postfix for years and now I am trying to > > > recreate > > > > > postfix clusters in docker and in particular interested in how I > can > > > direct > > > > > all postfix logs from a container to other places. > > > > > > > > > > I do not find in postfix configuration how one can achieve this > > > without any > > > > > local syslog daemon. > > > > > > > > Syslog is a hard library dependency for Postfix. Why can't dockerd > > > > provide a syslog forwarder, just like it already provides a stdout > > > > and stderr forwarder? That would also help with other daemons that > > > > rely on syslog to avoid app-specific logfiles. > > > > > > A search for 'container syslog' turned up some results. Apparently, > > > this can be done by mounting the host's logging sockets inside a > > > container. > > > > > > Example: > > > https://www.projectatomic.io/blog/2016/10/playing-with-docker-logging/ > > > > Great find! It works well except it's not so simple to distinguish the > > logs between host mail log and container mail logs! postfix is relying > on > > the syslog daemon to add hostname information. > > You can configure in main.cf: > > syslog_name = $myhostname/postfix (default=postfix) > > This takes effect after reading main.cf. Errors that happen earlier > will be logged as "syslog_name = postfix". > > This works perfectly! Thank you > Wietse >
Re: greeted me with my own hostname (mail for mydomain.org.ar loops back to myself)
On 11/1/2017 11:02 AM, 9acca9 wrote: > This is the desing: > > local network > (zimbra (192.168.1.5)) - (postfix (192.168.1.20)) > to=, relay=postfix.mydomain.org.ar[190.2.135.194]:25, > delay=0.48, delays=0.19/0.01/0.28/0, dsn=5.4.6, status=bounced (mail for > mydomain.org.ar loops back to myself) > > This is the public ip (190.2.135.194) of postfix... so, yes he is talking to > it self... but why?? why postfix dont send those mails to zimbra??? What im > doing wrong??? Sounds like you're missing a transport_maps entry to tell postfix where to send mail for your domain. http://www.postfix.org/STANDARD_CONFIGURATION_README.html#firewall -- Noel Jones
greeted me with my own hostname (mail for mydomain.org.ar loops back to myself)
Hi to all. Please help.. im going crazy (i try a lot of thing and nothing) i cand send mails but, i cant receive. This is the desing: local network (zimbra (192.168.1.5)) - (postfix (192.168.1.20)) in different machines (yes i know that zimbra have postfix, but i want config postfix in a different machine), so i dont have users in the postfix machine for receive mails. this is all my config: main.cf command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 html_directory = no inet_interfaces = all inet_protocols = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydomain = mydomain.org.ar myhostname = postfix.mydomain.org.ar myorigin = $mydomain relay_domains = mydomain.org.ar newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES sample_directory = /usr/share/doc/postfix-2.10.1/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = mydomain.org.ar smtpd_sasl_path = /etc/sasl2/smtpd.conf smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes unknown_local_recipient_reject_code = 550 master.cf smtp inet n - n - - smtpd pickupunix n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr unix n - n 300 1 qmgr tlsmgrunix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounceunix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verifyunix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scacheunix - - n - 1 scache -- This is the log error: Nov 1 12:50:52 postfix postfix/smtpd[6206]: connect from mail-pg0-f49.google.com[74.125.83.49] Nov 1 12:50:53 postfix postfix/smtpd[6206]: 292EFAFC09: client=mail-pg0-f49.google.com[74.125.83.49] Nov 1 12:50:53 postfix postfix/cleanup[6210]: 292EFAFC09: message-id=Nov 1 12:50:53 postfix postfix/qmgr[6201]: 292EFAFC09: from= , size=2693, nrcpt=1 (queue active) Nov 1 12:50:53 postfix postfix/smtpd[6206]: disconnect from mail-pg0-f49.google.com[74.125.83.49] Nov 1 12:50:53 postfix postfix/smtpd[6206]: connect from unknown[172.16.0.1] Nov 1 12:50:53 postfix postfix/smtp[6211]: warning: host postfix.mydomain.org.ar[190.2.135.194]:25 greeted me with my own hostname postfix.mydomain.org.ar Nov 1 12:50:53 postfix postfix/smtp[6211]: warning: host postfix.mydomain.org.ar[190.2.135.194]:25 replied to HELO/EHLO with my own hostname postfix.mydomain.org.ar Nov 1 12:50:53 postfix postfix/smtp[6211]: 292EFAFC09: to= , relay=postfix.mydomain.org.ar[190.2.135.194]:25, delay=0.48, delays=0.19/0.01/0.28/0, dsn=5.4.6, status=bounced (mail for mydomain.org.ar loops back to myself) Nov 1 12:50:53 postfix postfix/smtpd[6206]: disconnect from unknown[172.16.0.1] Nov 1 12:50:53 postfix postfix/cleanup[6210]: 9F392AFC0B: message-id=<20171101155053.9f392af...@postfix.mydomain.org.ar> Nov 1 12:50:53 postfix postfix/qmgr[6201]: 9F392AFC0B: from=<>, size=4683, nrcpt=1 (queue active) Nov 1 12:50:53 postfix postfix/bounce[6212]: 292EFAFC09: sender non-delivery notification: 9F392AFC0B Nov 1 12:50:53 postfix
Re: Eliminating backscatter
On 31.10.17 18:38, J Doe wrote: Because my server is configured to perform virtual domain hosting, I have the following: /etc/postfix/main.cf mydestination = localhost ...but if a message is sent to a non-existent domain that I *virtually host* for: you apparently mean, non-existent recipient within existent domain (example.com) /etc/postfix/main.cf virtual_alias_domains = example.com virtual_alias_maps = hash:/etc/postfix/virtual ...it generates a NOQUEUE and terminates the SMTP conversation by default. which is correct behaviour. To catch mail that is addressed to non-existent recipients, I add the following to my virtual_alias_maps hash file: /etc/postfix/virtual @example.com ADDRESS_TO_SEND_TO ...where ADDRESS_TO_SEND_TO is the e-mail address to catch e-mails addressed to a non-existent domain. Non-existent recipient, again. And this is exactly what causes backscatter. Don't accept mail to non-existent recipients. If you really must accept it (why?), don't forward it, especially not to gmail. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. WinError #9: Out of error messages.
Re: How to financially support Postfix project?
Paul Menzel: > Dear Postfix folks, > > > Looking at the Postfix Web site [1], I couldn?t find any information if > Postfix needs financial support to ensure the maintenance and > improvement of the code. All that requires a non-profit that can accept funds, which just takes a bit of time and money to set up (I have some experience with US-based ones). Finding the time is the main thing. But yeah, it needs to be done. In the mean time, an organization can donate code by paying a contractor (for example, CNNIC paid for SMTPUTF8 support). BTW Viktor and I are fully employed (and compensated). Work on Postfix is permitted, but it is not part of my job. Wietse > As the background, a lot of public organizations use Postfix in their > infrastructure, and, as for example with OpenSSL, they do not pay > anything for it, but they expect that it is maintained and improved. > This is a fatal attitude in my opinion. Additionally, the administrators > normally do not need training or support, as a lot of them are quite > capable, and know their way around Postfix. Also, public organizations > getting tax payer money also have a hard time to donate money. > > So, can the Postfix project be supported financially? Can ?core > developers? like Wietse and Viktor be supported? > > Are their companies providing support contracts, where employees are > actively supporting the Postfix development by either sending patches > (including documentation) or promising to give a certain amount of that > money to the Postfix project? I found for example credativ [2]. > > > Kind regards, > > Paul > > > [1] http://www.postfix.org/ > [2] http://www.credativ.de/software/software%C3%BCbersicht/mail/postfix >
How to financially support Postfix project?
Dear Postfix folks, Looking at the Postfix Web site [1], I couldn’t find any information if Postfix needs financial support to ensure the maintenance and improvement of the code. As the background, a lot of public organizations use Postfix in their infrastructure, and, as for example with OpenSSL, they do not pay anything for it, but they expect that it is maintained and improved. This is a fatal attitude in my opinion. Additionally, the administrators normally do not need training or support, as a lot of them are quite capable, and know their way around Postfix. Also, public organizations getting tax payer money also have a hard time to donate money. So, can the Postfix project be supported financially? Can “core developers” like Wietse and Viktor be supported? Are their companies providing support contracts, where employees are actively supporting the Postfix development by either sending patches (including documentation) or promising to give a certain amount of that money to the Postfix project? I found for example credativ [2]. Kind regards, Paul [1] http://www.postfix.org/ [2] http://www.credativ.de/software/software%C3%BCbersicht/mail/postfix