Re: How to write a milter with access to carddav

[Bastian Blank]

On Fri, Mar 09, 2018 at 11:53:00AM +, André Rodier wrote:
> I would like to know if there is any milter for postfix that would let
> me query a CardDav server?

Well, don't.  Milter is latency sensitive and it will break mail
delivery if you don't manage to get it right.

If you use the correct Sieve implementation you can ask it to run stuff
for you:

https://raw.githubusercontent.com/dovecot/pigeonhole/master/doc/rfc/spec-bosch-sieve-extprograms.txt

Bastian

-- 
The heart is not a logical organ.
-- Dr. Janet Wallace, "The Deadly Years", stardate 3479.4

Re: Postfix is slow accepting incoming mails

[Viktor Dukhovni]

> On Mar 9, 2018, at 7:23 AM, Nikolai Dahlem  wrote:
> 
> I run a local instance of unbound for dns caching

Good.

> Below is postconf -n output:
> 
> milter_default_action = accept
> milter_protocol = 6
> non_smtpd_milters = $smtpd_milters
> smtpd_milters = inet:127.0.0.1:8891

Everything else looks rather vanilla, so the next thing to look for is latency
in the milter.  What does this milter do?

Also check your syslog configuration, make sure it is not syncing the log file
to disk on every write.

-- 
Viktor.

Re: unknown recipient issue

[John Fawcett]

On 09/03/18 11:40, Alfredo De Luca wrote:
> Hi all. 
> We have Postfix 2.10 as company mailserver. 
> I noticed that when I send an email to a not-existing user mailbox in
> our domain I don't receive an email back saying unknown mailbox or
> similar.
>
> What do I need to do on main.cf  in order to achieve
> that? 
>
> Cheers
>
> -- 
> /Alfredo/
You're probably looking for local_recipient_maps parameter, depending on
how your postfix is setup. This mail also help:

http://www.postfix.org/LOCAL_RECIPIENT_README.html

John

Re: LMTP and virtual users confusion

[John Fawcett]

On 09/03/18 11:47, Joe Buck wrote:
> Hi fair folks. After years of using OS X servers I'm back on FreeBSD and
> well... owls have sure aged since then.
>
> So I'm trying to do a virtual domain+virtual users setup with Dovecot where
> I'd have several virtual domains and several users. Each user is supposed to
> be authenticated via the simple username both for SMTP and IMAP, not a full
> email address and each will have several email aliases on different domains.
> Pretty simple so far. However, I've set up the virtual_transport to be lmtp
> and that transport relays the entire recipient's email address to Dovecot.
>
> main.cf:
>
> virtual_transport = lmtp:unix:private/dovecot-lmtp
> virtual_mailbox_domains = aqq.is
> virtual_mailbox_maps = hash:/usr/local/etc/postfix/virtualmailboxes
>
> virtualmailboxes:
> t...@aqq.is   testmail
> te...@aqq.is  testmail
>
> And in the mail log:
>
> dovecot: lmtp(20405): Connect from local
> dovecot: auth-worker(20407): passwd(t...@aqq.is): unknown user
>
> I would expect Postfix to accept mail both for test and test2 and tell
> Dovecot via LMTP to deliver the mail to the user named testmail. But I
> cannot do that because Postfix doesn't relay "testmail" to Dovecot for user
> lookup.
>
> All other options that I've tried either make Postfix try to write to
> mailboxes by itself or make Dovecot indiscriminate and accept every incoming
> message, creating folders with different email addresses.
>
> So the question is, what am I doing wrong there? Is the configuration that I
> have in my mind even possible?
> And suppose if it's possible, second question is how do I make SMTP
> authentication work in such a scenario?
>
>
>
> --
> Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html

from the documentation page
http://www.postfix.org/postconf.5.html#virtual_mailbox_maps

virtual_mailbox_maps (default: empty)

In a lookup table, specify a left-hand side of "@domain.tld" to match
any user in the specified domain that does not have a specific
"u...@domain.tld" entry.

The remainder of this text is specific to the virtual(8)
 delivery agent. It does not
apply when mail is delivered with a different mail delivery program.

What you are probably looking for is virtual_alias_maps

See also

www.postfix.org/VIRTUAL_README.html

John

ping, please ignore

[Wietse Venema]

End-to-end verification. My last post was not distributed to the list.

The compatibility_level mechanism

[Jesper Dybdal]

The compatibility_level mechanism is an excellent and very well designed 
idea.  But I must have misunderstood something - or there is an error.


Around christmas I upgraded from postfix 2.11 to 3.1.6 (Debian 9).

I let the system run with compatibility_level=0 for a couple of months.

I then checked the log file for occurrences of "using 
backwards-compatible", which I thought would tell me where I depended on 
obsolete default settings.


Apart from some "chroot=y" warnings (which I fixed), there were no such 
entries.


So I recently set compatibility_level to 2.

Very soon after that I saw the following error (with domain names changed):

postfix/smtp[11021]: 3zw35550Qyz4FNxb: 
to=, orig_to=, 
relay=127.0.0.1[127.0.0.1]:10027, delay=0.4, delays=0.39/0.01/0/0, 
dsn=5.6.7, status=bounced (SMTPUTF8 is required, but was not offered 
by host 127.0.0.1[127.0.0.1])


This was a message sent from a local CGI script using sendmail.  Its 
sender and recipient were in US-ASCII, but the subject line contained 
(unencoded, standards-violating) ISO 8859-1 characters.


[127.0.0.1]:10027 is amavisd-new 2.10.1, which I believe should support 
SMTPUTF8 (see 
https://groups.google.com/forum/#!topic/mailing.postfix.users/rKdbrpw0nc8). 
But that is not a postfix issue, so forget that.


What I do not understand, postfix-wise, is that I have seen no warnings 
about "using backwards-compatible" default value of smtputf8_enable 
during the period where I was using compatibility_level=0.  The same CGI 
script has undoubtedby sent several mails with ISO-8859-1 subject lines 
during that period.


I have of course now set smtputf8_enable=no until I understand what is 
going on, but I would like to understand why the compatibility_level 
mechanism did not warn me about this problem.


Jesper Dybdal

--
Jesper Dybdal
http://www.dybdal.dk

Greylisting?

[john]

I  was just taking a look through my postfix configuration and noticed 
that I have a "check_policy_service" for postgrey a greylisting service.


I greylisting still considered worthwhile or should I drop it?

TIA

John A

Re: LMTP and virtual users confusion

[Bill Cole]

On 9 Mar 2018, at 5:47, Joe Buck wrote:

Hi fair folks. After years of using OS X servers I'm back on FreeBSD 
and

well... owls have sure aged since then.

So I'm trying to do a virtual domain+virtual users setup with Dovecot 
where
I'd have several virtual domains and several users. Each user is 
supposed to
be authenticated via the simple username both for SMTP and IMAP, not a 
full
email address and each will have several email aliases on different 
domains.
Pretty simple so far. However, I've set up the virtual_transport to be 
lmtp
and that transport relays the entire recipient's email address to 
Dovecot.


main.cf:

virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_mailbox_domains = aqq.is
virtual_mailbox_maps = hash:/usr/local/etc/postfix/virtualmailboxes

virtualmailboxes:
t...@aqq.is testmail
te...@aqq.istestmail

And in the mail log:

dovecot: lmtp(20405): Connect from local
dovecot: auth-worker(20407): passwd(t...@aqq.is): unknown user



There's so much missing information here that it is impossible to know 
what's happening.


See http://www.postfix.org/DEBUG_README.html#mail for suggestions of 
what information to provide to make it possible for others here to 
assist you. Most important: the output of 'postconf -n' and all of the 
possibly relevant log lines, intact.

Re: How to write a milter with access to carddav

[J Doe]

Hi Andre,

> On Mar 9, 2018, at 6:53 AM, André Rodier  wrote:
> 
> Hello,
> 
> I would like to know if there is any milter for postfix that would let
> me query a CardDav server?
> 
> The idea is to add a custom header, for instance 'X-Address-Book:
> Personal' if the from email address is referenced in a personal carddav
> address book of the recipient.
> 
> This will be used by a sieve filter, for instance to mark the emails as
> "Personal" / or "importants", al GMail, to keep them in the inbox.
> 
> Otherwise, if you can point me in a direction on how to write this, I
> will be happy. I can write it in Go, C, Perl, Python, etc.
> 
> I hope it's clear, thanks for your help.

I don’t have a solution to your question but out of curiosity, what is your 
CardDAV backend ?

- J

Re: How to write a milter with access to carddav

[Andre Rodier]

On 10/03/2018 16:29, J Doe wrote:

Hi Andre,


On Mar 9, 2018, at 6:53 AM, André Rodier  wrote:

Hello,

I would like to know if there is any milter for postfix that would let
me query a CardDav server?

The idea is to add a custom header, for instance 'X-Address-Book:
Personal' if the from email address is referenced in a personal 
carddav

address book of the recipient.

This will be used by a sieve filter, for instance to mark the emails 
as

"Personal" / or "importants", al GMail, to keep them in the inbox.

Otherwise, if you can point me in a direction on how to write this, I
will be happy. I can write it in Go, C, Perl, Python, etc.

I hope it's clear, thanks for your help.


I don’t have a solution to your question but out of curiosity, what is
your CardDAV backend ?

- J

Hello J,

I don't know yet which back-end I am going to use, I used Davical by the 
past. Basically, there is two conditions:


- authentication through LDAP
- included in Debian

I have not reached the point to add the CardDav server yet, but soon.

I may have a look to Sogo as well.

The project is here: https://github.com/progmaticltd/homebox

Kind regards,
André

Removing trace records on submission MSA

[J Doe]

Hi,

I have a question in regards to removing some trace records when providing 
submission on Postfix 3.1.x and later.

While reading RFC 6409 (“Message Submission for Mail”), I note that the RFC 
observes that:

"Even when submitted messages are complete, local site policy may dictate 
that the message text be
   examined or modified in some way, e.g., to conceal local name or address 
spaces.”

By this I take it that I could remove perhaps the initial trace message that 
returns information about internal addresses
and network names.  It seems to me that both Hotmail/Outlook and Gmail do this.

Is this acceptable ?  The only bad side to it would appear to be possibly some 
increased difficulty in troubleshooting.

If it is an acceptable process, how would I configure Postfix to do this only 
on submission ?

Thanks,

- J