[pfx] Re: secondary MX server
Corey Hickman via Postfix-users writes: > Hello, > > Since almost every sending MTA has the queues, do I need a secondary > MX for my domain email? > > I am afraid the secondary MX was abused by spammers. > > Thanks. I am now running secondary mx. It is valuable for me. Use MTA-STS (testing is profer) if you want to mitigate spam things. Sincerely, -- ^고맙습니다 _地平天成_ 감사합니다_^))// ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: secondary MX server
On 01/04/2023 08:04, Peter via Postfix-users wrote: On 1/04/23 00:36, Corey Hickman via Postfix-users wrote: Since almost every sending MTA has the queues, do I need a secondary MX for my domain email? Secondary, or backup MXes are almost never recommended in the modern internet and tend to be a relic of the 1990s dialup internet. What is often times done for very high traffic situations is load balancing, which can be implemented similar to a secondary MX (but having the same MX priority for two or more servers instead of different priorities). Secondary MX entries can also be used for a type of spam trap since spammers will often times try to abuse them and send directly to the secondary MX instead of trying the primary first as they should do, see "MAIL EXCHANGER POLICY TESTS" in postscreen(8) for an implementation of this. None of this is what you are considering. If you still want to implement a secondary MX then it must have all of the same anti-spam measures as the primary server, be just as well maintained, and requires a lot of work to get right, all of this for a server which will likely see little or no legitimate email traffic. My opinion is you are better served spending your time and efforts on the primary server. That's all right. Thanks. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: secondary MX server
On 1/04/23 00:36, Corey Hickman via Postfix-users wrote: Since almost every sending MTA has the queues, do I need a secondary MX for my domain email? Secondary, or backup MXes are almost never recommended in the modern internet and tend to be a relic of the 1990s dialup internet. What is often times done for very high traffic situations is load balancing, which can be implemented similar to a secondary MX (but having the same MX priority for two or more servers instead of different priorities). Secondary MX entries can also be used for a type of spam trap since spammers will often times try to abuse them and send directly to the secondary MX instead of trying the primary first as they should do, see "MAIL EXCHANGER POLICY TESTS" in postscreen(8) for an implementation of this. None of this is what you are considering. If you still want to implement a secondary MX then it must have all of the same anti-spam measures as the primary server, be just as well maintained, and requires a lot of work to get right, all of this for a server which will likely see little or no legitimate email traffic. My opinion is you are better served spending your time and efforts on the primary server. I am afraid the secondary MX was abused by spammers. Indeed, it often is. Peter ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: [ext] Re: Issues on incoming queue
Ralf Hildebrandt via Postfix-users: > * Wietse Venema via Postfix-users : > > > Start by looking for "@domain" wildcards in virtual_alias_maps or > > Somewhat related: I was under the impression that virtual_alias_maps > "@domainA @domainB" did NOT break recipient verifiction. Or am I > hallucinating? Without reject_unverified_recipient, @domain breaks SMTP recipient validation, as does an empty relay_recipient_maps setting. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Success DSN for virtual mailboxes not working
> -Mensagem original- > De: Matus UHLAR - fantomas via Postfix-users > Enviada: 31 de março de 2023 12:29 > Para: postfix-users@postfix.org > Assunto: [pfx] Re: Success DSN for virtual mailboxes not working > > >> Nuno Pereira via Postfix-users skrev den 2023-03-30 20:29: > >> > We have tried to figure out why this happens, but haven't found a > >> > solution until now. > > >> logs ? > > On 31.03.23 12:10, Nuno Pereira via Postfix-users wrote: > >I don't find anything relevant in logs: just an indication that a DSN > >was sent when it's the case, and nothing when it doesn't: > > > >Mar 31 10:32:42 postfix/bounce[1305381]: E27BF2361: sender > >delivery status notification: 6A9202190 > > this only says a notification was generated. > E27BF2361 is the queue ID of the original mail > 6A9202190 is the queue ID of the notification > > searching for both in logs should explain what happened to the original mail and to > the notification. As I've posted in another message, for the messages sent to a real domain we get logs like that, but for messages sent to virtual domains we just dont get any logs about success DSN: it's just like the DSN report wasn't requested. Nuno Pereira G9Telecom Portugal smime.p7s Description: S/MIME cryptographic signature ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: [ext] Re: Issues on incoming queue
* Wietse Venema via Postfix-users : > Start by looking for "@domain" wildcards in virtual_alias_maps or Somewhat related: I was under the impression that virtual_alias_maps "@domainA @domainB" did NOT break recipient verifiction. Or am I hallucinating? -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | https://www.charite.de ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Issues on incoming queue
Israel britto via Postfix-users: [ Charset ISO-8859-1 converted... ] > Hey, I have a strange problem, my incoming queue is growing and my active and > deferred queues are low on queue items. I checked and I have a lot of > incoming mailer-daemon and double-bounce emails, is there a way to discard > these messages? > I've already tried to create a transport_map by sending all incoming messages > to my domain to be discarded, like this @mydomain discard:silently > But even so I continue to be flooded with messages of this type in incoming. > Has anyone had this problem that can help me? Likely, you have broken recipient address validation. Start by looking for "@domain" wildcards in virtual_alias_maps or relay_recipient_maps, and replace that with valid recipient addresses. If relay_recipient_maps is empty, and relay_domains is non-empty, relay_recipient_maps needs to be populated with valid recipient addresses. If you can't create a list of valid recipient addresses, you need to implement recipient address verification as described in https://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: [ext] Issues on incoming queue
* Israel britto via Postfix-users : > Hey, I have a strange problem, my incoming queue is growing and my > active and deferred queues are low on queue items. I checked and I > have a lot of incoming mailer-daemon and double-bounce emails, is > there a way to discard these messages? Read them using "postcat -q QUEUEID" to find out what's causing them. Then fix that first. > I've already tried to create a transport_map by sending all incoming messages > to my domain to be discarded, like this @mydomain discard:silently > But even so I continue to be flooded with messages of this type in incoming. Yes, since they come in FIRST to be discarded after! -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | https://www.charite.de ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Issues on incoming queue
Hey, I have a strange problem, my incoming queue is growing and my active and deferred queues are low on queue items. I checked and I have a lot of incoming mailer-daemon and double-bounce emails, is there a way to discard these messages? I've already tried to create a transport_map by sending all incoming messages to my domain to be discarded, like this @mydomain discard:silently But even so I continue to be flooded with messages of this type in incoming. Has anyone had this problem that can help me? ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Success DSN for virtual mailboxes not working
There is a difference in MailScanner logging when a SUCCESS DSN is created and when it is not created. Wietse Venema via Postfix-users: > Nuno Pereira via Postfix-users: > > Logs of message with success DSN sent: > > > > Mar 31 13:26:16 MAIL01 postfix/cleanup[110]: 21069213F: > > message-id= > uYAAA4AABB+0ZLW85dyTYzsfdF+fjJNAQA=@otherdomain.com> > > Mar 31 13:26:19 MAIL01 MailScanner[1402982]: Requeue: 21069213F.A0295 to > > C91CB2217 > > Mar 31 13:26:19 MAIL01 dovecot: > > lmtp(nuno.pere...@virtualdomain.com)<1448368>: > > msgid= > 4AABB+0ZLW85dyTYzsfdF+fjJNAQA=@otherdomain.com>: saved mail to > > INBOX > > Mar 31 13:26:19 MAIL01 dovecot: lmtp(1448368): Disconnect from local: > > Client has > > quit the connection (state=READY) > > Mar 31 13:26:19 MAIL01 postfix/lmtp[1444780]: C91CB2217: > > to=, > > relay=mail01.nortenet.pt[private/dovecot-lmtp], delay=3, > > delays=2.9/0/0/0.07, > > dsn=2.0.0, status=sent (250 2.0.0 > > CCo8BWvRJmSwGRYAi7tdOA Saved) > > Mar 31 13:26:19 MAIL01 postfix/cleanup[110]: 26C44213F: > > message-id=<20230331122619.26c442...@mail01.nortenet.pt> > > Mar 31 13:26:19 MAIL01 postfix/qmgr[3435793]: 26C44213F: from=<>, size=3618, > > nrcpt=1 (queue active) > > Mar 31 13:26:19 MAIL01 postfix/bounce[1449644]: C91CB2217: sender delivery > > status notification: 26C44213F > > Mar 31 13:26:19 MAIL01 postfix/qmgr[3435793]: C91CB2217: removed > > Mar 31 13:26:19 MAIL01 postfix/smtp[1449595]: 26C44213F: > > to=, > > relay=a.mx.interacesso.pt[212.13.45.18]:25, > > delay=0.02, delays=0/0/0.02/0, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued > > as > > 2BAA81D38) > > Mar 31 13:26:19 MAIL01 postfix/qmgr[3435793]: 26C44213F: removed > > Above a DSN is created with: > > > Mar 31 13:26:19 MAIL01 postfix/bounce[1449644]: C91CB2217: sender delivery > > status notification: 26C44213F Note that the above has no MailWatch logging. > > Logs of message with success DSN not sent: > > > > Mar 31 13:25:39 MAIL01 postfix/cleanup[110]: E3F7220E5: > > message-id= > uYAAA4AABAEaRBcggJbQphyIaiykwwrAQA=@otherdomain.com> > > Mar 31 13:25:43 MAIL01 MailScanner[1402982]: Requeue: E3F7220E5.A2EE1 to > > 048FA228D > > Mar 31 13:26:19 MAIL01 postfix/qmgr[3435793]: C91CB2217: > > from=, size=27235, nrcpt=1 (queue active) > > Mar 31 13:25:43 MAIL01 postfix/qmgr[3435793]: 048FA228D: > > from=, size=20866, nrcpt=1 (queue active) > > Mar 31 13:25:43 MAIL01 dovecot: lmtp(1448368): Connect from local > > Mar 31 13:25:43 MAIL01 MailScanner[1402982]: Unscanned: Delivered 1 messages > > Mar 31 13:25:43 MAIL01 MailScanner[1402982]: Deleted 1 messages from > > processing-database > > Mar 31 13:25:43 MAIL01 MailScanner[1402982]: MailWatch: Logging message > > E3F7220E5.A2EE1 to SQL > > Mar 31 13:25:43 MAIL01 MailScanner[1405172]: MailWatch: E3F7220E5.A2EE1: > > Logged > > to MailWatch SQL > > Mar 31 13:25:43 MAIL01 dovecot: > > lmtp(nuno.pere...@interacesso.pt)<1448368>: > > msgid= > 4AABAEaRBcggJbQphyIaiykwwrAQA=@otherdomain.com>: saved mail to > > INBOX > > Mar 31 13:25:43 MAIL01 postfix/lmtp[1448361]: 048FA228D: > > to=, orig_to=, > > relay=mail01.nortenet.pt[private/dovecot-lmtp], delay=3.2, > > delays=3.1/0/0/0.06, > > dsn=2.0.0, status=sent (250 2.0.0 > > iPZaA0fRJmSwGRYAi7tdOA Saved) > > Mar 31 13:25:43 MAIL01 postfix/qmgr[3435793]: 048FA228D: removed > > Here, no sender notification is created: there is no logging that says: > > > MAIL01 postfix/bounce[XXX]: : sender delivery > > status notification: Note that this message had "MailScanner" logging that the first mssage had not: > > Mar 31 13:25:43 MAIL01 MailScanner[1402982]: Unscanned: Delivered 1 messages > > Mar 31 13:25:43 MAIL01 MailScanner[1402982]: Deleted 1 messages from > > processing-database > > Mar 31 13:25:43 MAIL01 MailScanner[1402982]: MailWatch: Logging message > > E3F7220E5.A2EE1 to SQL > > Mar 31 13:25:43 MAIL01 MailScanner[1405172]: MailWatch: E3F7220E5.A2EE1: > > Logged > > to MailWatch SQL "Deleted 1 messages from processing-database" could that be the lost SUCCESS DSN? > If you still believe that this is a Postfix problem, then you MUST > reproduce the problem WITHOUT USING MailScanner. And I'll keep that requirement. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Success DSN for virtual mailboxes not working
Nuno Pereira via Postfix-users: > Logs of message with success DSN sent: > > Mar 31 13:26:16 MAIL01 postfix/cleanup[110]: 21069213F: > message-id= uYAAA4AABB+0ZLW85dyTYzsfdF+fjJNAQA=@otherdomain.com> > Mar 31 13:26:19 MAIL01 MailScanner[1402982]: Requeue: 21069213F.A0295 to > C91CB2217 > Mar 31 13:26:19 MAIL01 dovecot: > lmtp(nuno.pere...@virtualdomain.com)<1448368>: > msgid= 4AABB+0ZLW85dyTYzsfdF+fjJNAQA=@otherdomain.com>: saved mail to > INBOX > Mar 31 13:26:19 MAIL01 dovecot: lmtp(1448368): Disconnect from local: Client > has > quit the connection (state=READY) > Mar 31 13:26:19 MAIL01 postfix/lmtp[1444780]: C91CB2217: > to=, > relay=mail01.nortenet.pt[private/dovecot-lmtp], delay=3, delays=2.9/0/0/0.07, > dsn=2.0.0, status=sent (250 2.0.0 > CCo8BWvRJmSwGRYAi7tdOA Saved) > Mar 31 13:26:19 MAIL01 postfix/cleanup[110]: 26C44213F: > message-id=<20230331122619.26c442...@mail01.nortenet.pt> > Mar 31 13:26:19 MAIL01 postfix/qmgr[3435793]: 26C44213F: from=<>, size=3618, > nrcpt=1 (queue active) > Mar 31 13:26:19 MAIL01 postfix/bounce[1449644]: C91CB2217: sender delivery > status notification: 26C44213F > Mar 31 13:26:19 MAIL01 postfix/qmgr[3435793]: C91CB2217: removed > Mar 31 13:26:19 MAIL01 postfix/smtp[1449595]: 26C44213F: > to=, relay=a.mx.interacesso.pt[212.13.45.18]:25, > delay=0.02, delays=0/0/0.02/0, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as > 2BAA81D38) > Mar 31 13:26:19 MAIL01 postfix/qmgr[3435793]: 26C44213F: removed Above a DSN is created with: > Mar 31 13:26:19 MAIL01 postfix/bounce[1449644]: C91CB2217: sender delivery > status notification: 26C44213F Which is delivered as expected. > Logs of message with success DSN not sent: > > Mar 31 13:25:39 MAIL01 postfix/cleanup[110]: E3F7220E5: > message-id= uYAAA4AABAEaRBcggJbQphyIaiykwwrAQA=@otherdomain.com> > Mar 31 13:25:43 MAIL01 MailScanner[1402982]: Requeue: E3F7220E5.A2EE1 to > 048FA228D > Mar 31 13:26:19 MAIL01 postfix/qmgr[3435793]: C91CB2217: > from=, size=27235, nrcpt=1 (queue active) > Mar 31 13:25:43 MAIL01 postfix/qmgr[3435793]: 048FA228D: > from=, size=20866, nrcpt=1 (queue active) > Mar 31 13:25:43 MAIL01 dovecot: lmtp(1448368): Connect from local > Mar 31 13:25:43 MAIL01 MailScanner[1402982]: Unscanned: Delivered 1 messages > Mar 31 13:25:43 MAIL01 MailScanner[1402982]: Deleted 1 messages from > processing-database > Mar 31 13:25:43 MAIL01 MailScanner[1402982]: MailWatch: Logging message > E3F7220E5.A2EE1 to SQL > Mar 31 13:25:43 MAIL01 MailScanner[1405172]: MailWatch: E3F7220E5.A2EE1: > Logged > to MailWatch SQL > Mar 31 13:25:43 MAIL01 dovecot: > lmtp(nuno.pere...@interacesso.pt)<1448368>: > msgid= 4AABAEaRBcggJbQphyIaiykwwrAQA=@otherdomain.com>: saved mail to > INBOX > Mar 31 13:25:43 MAIL01 postfix/lmtp[1448361]: 048FA228D: > to=, orig_to=, > relay=mail01.nortenet.pt[private/dovecot-lmtp], delay=3.2, > delays=3.1/0/0/0.06, > dsn=2.0.0, status=sent (250 2.0.0 > iPZaA0fRJmSwGRYAi7tdOA Saved) > Mar 31 13:25:43 MAIL01 postfix/qmgr[3435793]: 048FA228D: removed Here, no sender notification is created: there is no logging that says: > MAIL01 postfix/bounce[XXX]: : sender delivery > status notification: Either the original message had no "notify=success", or MailScanner mis-handled the Postfix queue file record. There is a history of MailScanner breaking DSN Success notification, see for example https://github.com/E-F-A/v4/issues/193 - the bug report has two examples: one example where a success DSN is created, and one example where no success DSN is created. Perhaps that sounds familiar to you. For a workaround, see https://github.com/E-F-A/v4/issues/193#issuecomment-688494424 https://github.com/E-F-A/v4/issues/193#issuecomment-688494619 If you still believe that this is a Postfix problem, then you MUST reproduce the problem WITHOUT USING MailScanner. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Success DSN for virtual mailboxes not working
On Fri, Mar 31, 2023 at 02:00:49PM +0100, Nuno Pereira via Postfix-users wrote: > Logs of message with success DSN sent: Are you sure you syslog system is not dropping some of the log messages? (A common problem with systemd-based logging). > Mar 31 13:26:19 MAIL01 postfix/lmtp[1444780]: C91CB2217: > to=, > relay=mail01.nortenet.pt[private/dovecot-lmtp], > delay=3, delays=2.9/0/0/0.07, > dsn=2.0.0, > status=sent > (250 2.0.0 CCo8BWvRJmSwGRYAi7tdOA Saved) > Logs of message with success DSN not sent: > > Mar 31 13:25:43 MAIL01 MailScanner[1402982]: Requeue: E3F7220E5.A2EE1 to > 048FA228D Plus you also have MailScanner messing around with your mail. > Mar 31 13:25:43 MAIL01 postfix/lmtp[1448361]: 048FA228D: > to=, > orig_to=, > relay=mail01.nortenet.pt[private/dovecot-lmtp], > delay=3.2, delays=3.1/0/0/0.06, dsn=2.0.0, status=sent > (250 2.0.0 iPZaA0fRJmSwGRYAi7tdOA Saved) The second message went through virtual alias rewriting, the first did not. The final recipient is not equal to the original recipient. -- Viktor. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Success DSN for virtual mailboxes not working
> -Mensagem original- > De: Wietse Venema via Postfix-users > Enviada: 31 de março de 2023 12:54 > Para: Postfix users > Assunto: [pfx] Re: Success DSN for virtual mailboxes not working > > Nuno Pereira via Postfix-users: > > > De: Wietse Venema via Postfix-users > > > Enviada: 30 de mar?o de 2023 21:25 > > > Para: Postfix users > > > Assunto: [pfx] Re: Success DSN for virtual mailboxes not working > > > > > > Nuno Pereira via Postfix-users: > > > > Hello. > > > > > > > > We have a setup where postifix is configured to send all mails > > > > sent to domain virtualdomain.com are virtual and sent to realdomain.com. > > > > > > > > This is done with the following configuration: > > > > > > > > virtual_alias_domains = virtualdomain.com > > > > > > > > virtual_alias_maps = > > > > mysql:/etc/postfix/mysql-virtual-email2email.cf > > > > > > > > virtual_mailbox_domains = realdomain.com > > > ... > > > > The problem is with DSN for success messages: they're not returned > > > > for emails sent to @virtualdomain.com, but are for ones sent to > > > > @realdomain.com (which aren't a virtual on it's own). > > > > > > When an alias is 1-many or when a virtual address is aliased to a > > > (different) real address, Postfix will send a DSN with > > > action=expanded for the > > virtual > > > address. So maybe you should look for Postfix logs with "action=expanded" > > > notificiations. > > > > > > The reason for sending an action=expanded DSN (with the virtual > > > address in the "Final-Recipient:" field) instead of action=success > > > (with the real address in > > the > > > "Final-Recipient:" field) is that Postfix tries to avoid revealing > > > the real > > address to the > > > sender. > > > > I can't find that information on postfix logs. Is there anything that > > I should activate to log it? > > And as we're at logs, is there any configuration that enables logging > > of emails for which a success DSN (delivery receipt) was requested? > > When I send a mesage with notify=success to a virtual alias, that results in a sender > notification. > > Logging: > > Mar 31 07:29:50 spike postfix/cleanup[72315]: 4PnykQ6rRgzJrP3: message- > id=<4pnykq6rrgzj...@spike.porcupine.org> > Mar 31 07:29:51 spike postfix/qmgr[34836]: 4PnykQ6rRgzJrP3: > from=, size=350, nrcpt=1 (queue active) Mar 31 > 07:29:51 spike postfix/local[72318]: 4PnykQ6rRgzJrP3: to=, > orig_to=, relay=local, delay=0.15, > delays=0.13/0.0077/0/0.0039, dsn=2.0.0, status=sent (delivered to command: > umask 077; exec /usr/local/bin/filter) Mar 31 07:29:51 spike > postfix/cleanup[72315]: 4PnykR0h1BzJrP1: message- > id=<4pnykr0h1bzj...@spike.porcupine.org> > Mar 31 07:29:51 spike postfix/bounce[72317]: 4PnykQ6rRgzJrP3: sender delivery > status notification: 4PnykR0h1BzJrP1 Mar 31 07:29:51 spike > postfix/qmgr[34836]: 4PnykR0h1BzJrP1: from=<>, size=2572, nrcpt=1 (queue > active) Mar 31 07:29:51 spike postfix/qmgr[34836]: 4PnykQ6rRgzJrP3: removed > Mar 31 07:29:51 spike postfix/local[72318]: 4PnykR0h1BzJrP1: > to=, relay=local, delay=0.12, > delays=0.11/0.0038/0/0.0035, dsn=2.0.0, status=sent (delivered to command: > umask 077; exec /usr/local/bin/filter) Mar 31 07:29:51 spike > postfix/qmgr[34836]: 4PnykR0h1BzJrP1: removed > > The original message is logged with queue ID 4PnykQ6rRgzJrP3. The cleanup > daemon does not log the status=expanded, but it does request a DSN, which is > logged with queue ID 4PnykR0h1BzJrP1. I just don't see any log for the expanded domain. Logs of message with success DSN sent: Mar 31 13:26:16 MAIL01 postfix/cleanup[110]: 21069213F: message-id= Mar 31 13:26:19 MAIL01 MailScanner[1402982]: Requeue: 21069213F.A0295 to C91CB2217 Mar 31 13:26:19 MAIL01 dovecot: lmtp(nuno.pere...@virtualdomain.com)<1448368>: msgid=: saved mail to INBOX Mar 31 13:26:19 MAIL01 dovecot: lmtp(1448368): Disconnect from local: Client has quit the connection (state=READY) Mar 31 13:26:19 MAIL01 postfix/lmtp[1444780]: C91CB2217: to=, relay=mail01.nortenet.pt[private/dovecot-lmtp], delay=3, delays=2.9/0/0/0.07, dsn=2.0.0, status=sent (250 2.0.0 CCo8BWvRJmSwGRYAi7tdOA Saved) Mar 31 13:26:19 MAIL01 postfix/cleanup[110]: 26C44213F: message-id=<20230331122619.26c442...@mail01.nortenet.pt> Mar 31 13:26:19 MAIL01 postfix/qmgr[3435793]: 26C44213F: from=<>, size=3618, nrcpt=1 (queue active) Mar 31 13:26:19 MAIL01 postfix/bounce[1449644]: C91CB2217: sender delivery status notification: 26C44213F Mar 31 13:26:19 MAIL01 postfix/qmgr[3435793]: C91CB2217: removed Mar 31 13:26:19 MAIL01 postfix/smtp[1449595]: 26C44213F: to=, relay=a.mx.interacesso.pt[212.13.45.18]:25, delay=0.02, delays=0/0/0.02/0, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 2BAA81D38) Mar 31 13:26:19 MAIL01 postfix/qmgr[3435793]: 26C44213F: removed Logs of message with success DSN not sent: Mar 31 13:25:39 MAIL01 postfix/cleanup[110]: E3F7220E5: message-id= Mar 31 13:25:43 MAIL01 MailScanner[1402982]: Requeue: E3F7220E5.A2EE1 to 048FA228D Mar 31 13:26:19 MAIL01
[pfx] Re: Success DSN for virtual mailboxes not working
Nuno Pereira via Postfix-users: > > De: Wietse Venema via Postfix-users > > Enviada: 30 de mar?o de 2023 21:25 > > Para: Postfix users > > Assunto: [pfx] Re: Success DSN for virtual mailboxes not working > > > > Nuno Pereira via Postfix-users: > > > Hello. > > > > > > We have a setup where postifix is configured to send all mails sent to > > > domain virtualdomain.com are virtual and sent to realdomain.com. > > > > > > This is done with the following configuration: > > > > > > virtual_alias_domains = virtualdomain.com > > > > > > virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-email2email.cf > > > > > > virtual_mailbox_domains = realdomain.com > > ... > > > The problem is with DSN for success messages: they're not returned for > > > emails sent to @virtualdomain.com, but are for ones sent to > > > @realdomain.com (which aren't a virtual on it's own). > > > > When an alias is 1-many or when a virtual address is aliased to a > > (different) real address, Postfix will send a DSN with action=expanded for > > the > virtual > > address. So maybe you should look for Postfix logs with "action=expanded" > > notificiations. > > > > The reason for sending an action=expanded DSN (with the virtual address in > > the > > "Final-Recipient:" field) instead of action=success (with the real address > > in > the > > "Final-Recipient:" field) is that Postfix tries to avoid revealing the real > address to the > > sender. > > I can't find that information on postfix logs. Is there anything that I should > activate to log it? > And as we're at logs, is there any configuration that enables logging of > emails > for which a success DSN (delivery receipt) was requested? When I send a mesage with notify=success to a virtual alias, that results in a sender notification. Logging: Mar 31 07:29:50 spike postfix/cleanup[72315]: 4PnykQ6rRgzJrP3: message-id=<4pnykq6rrgzj...@spike.porcupine.org> Mar 31 07:29:51 spike postfix/qmgr[34836]: 4PnykQ6rRgzJrP3: from=, size=350, nrcpt=1 (queue active) Mar 31 07:29:51 spike postfix/local[72318]: 4PnykQ6rRgzJrP3: to=, orig_to=, relay=local, delay=0.15, delays=0.13/0.0077/0/0.0039, dsn=2.0.0, status=sent (delivered to command: umask 077; exec /usr/local/bin/filter) Mar 31 07:29:51 spike postfix/cleanup[72315]: 4PnykR0h1BzJrP1: message-id=<4pnykr0h1bzj...@spike.porcupine.org> Mar 31 07:29:51 spike postfix/bounce[72317]: 4PnykQ6rRgzJrP3: sender delivery status notification: 4PnykR0h1BzJrP1 Mar 31 07:29:51 spike postfix/qmgr[34836]: 4PnykR0h1BzJrP1: from=<>, size=2572, nrcpt=1 (queue active) Mar 31 07:29:51 spike postfix/qmgr[34836]: 4PnykQ6rRgzJrP3: removed Mar 31 07:29:51 spike postfix/local[72318]: 4PnykR0h1BzJrP1: to=, relay=local, delay=0.12, delays=0.11/0.0038/0/0.0035, dsn=2.0.0, status=sent (delivered to command: umask 077; exec /usr/local/bin/filter) Mar 31 07:29:51 spike postfix/qmgr[34836]: 4PnykR0h1BzJrP1: removed The original message is logged with queue ID 4PnykQ6rRgzJrP3. The cleanup daemon does not log the status=expanded, but it does request a DSN, which is logged with queue ID 4PnykR0h1BzJrP1. Content of delivery status notification:: >From MAILER-DAEMON Fri Mar 31 07:29:51 2023 Return-Path: <> X-Original-To: wie...@porcupine.org Delivered-To: wie...@porcupine.org Received: by spike.porcupine.org (Postfix) id 4PnykR0h1BzJrP1; Fri, 31 Mar 2023 07:29:51 -0400 (EDT) DKIM-Signature: ...omitted... Date: Fri, 31 Mar 2023 07:29:51 -0400 (EDT) From: Mail Delivery System Subject: Successful Mail Delivery Report To: wie...@porcupine.org Auto-Submitted: auto-replied MIME-Version: 1.0 Content-Type: multipart/report; report-type=delivery-status; boundary="4PnykQ6rRgzJrP3.1680262191/spike.porcupine.org" Content-Transfer-Encoding: 8bit Message-Id: <4pnykr0h1bzj...@spike.porcupine.org> This is a MIME-encapsulated message. --4PnykQ6rRgzJrP3.1680262191/spike.porcupine.org Content-Description: Notification Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit This is the mail system at host spike.porcupine.org. Your message was successfully delivered to the destination(s) listed below. If the message was delivered to mailbox you will receive no further notifications. Otherwise you may still receive notifications of mail delivery errors from other systems. The mail system : alias expanded --4PnykQ6rRgzJrP3.1680262191/spike.porcupine.org Content-Description: Delivery report Content-Type: message/delivery-status Reporting-MTA: dns; spike.porcupine.org X-Postfix-Queue-ID: 4PnykQ6rRgzJrP3 X-Postfix-Sender: rfc822; wie...@porcupine.org Arrival-Date: Fri, 31 Mar 2023 07:29:50 -0400 (EDT) Final-Recipient: rfc822; user@virtual.example Original-Recipient: rfc822;user@virtual.example Action: expanded Status: 2.0.0 Diagnostic-Code: X-Postfix; alias expanded --4PnykQ6rRgzJrP3.1680262191/spike.porcupine.org Content-Description: Message Headers Content-Type: text/rfc822-headers Content-Transfer-Encoding: 8bit Return-Path:
[pfx] Re: [ext] secondary MX server
* Corey Hickman via Postfix-users : > Since almost every sending MTA has the queues, do I need a secondary MX for > my domain email? I don't know if the RFC mandate it, but nowadays everbody knows better, so WTF. > I am afraid the secondary MX was abused by spammers. Indeed. The secondary basically needs to have the same setup as the primary in terms of anti spam and recipient lists. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | https://www.charite.de ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] secondary MX server
Hello, Since almost every sending MTA has the queues, do I need a secondary MX for my domain email? I am afraid the secondary MX was abused by spammers. Thanks. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Success DSN for virtual mailboxes not working
Nuno Pereira via Postfix-users skrev den 2023-03-30 20:29: > We have tried to figure out why this happens, but haven't found a > solution until now. logs ? On 31.03.23 12:10, Nuno Pereira via Postfix-users wrote: I don't find anything relevant in logs: just an indication that a DSN was sent when it's the case, and nothing when it doesn't: Mar 31 10:32:42 postfix/bounce[1305381]: E27BF2361: sender delivery status notification: 6A9202190 this only says a notification was generated. E27BF2361 is the queue ID of the original mail 6A9202190 is the queue ID of the notification searching for both in logs should explain what happened to the original mail and to the notification. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Despite the cost of living, have you noticed how popular it remains? ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Success DSN for virtual mailboxes not working
> De: Wietse Venema via Postfix-users > Enviada: 30 de março de 2023 21:25 > Para: Postfix users > Assunto: [pfx] Re: Success DSN for virtual mailboxes not working > > Nuno Pereira via Postfix-users: > > Hello. > > > > We have a setup where postifix is configured to send all mails sent to > > domain virtualdomain.com are virtual and sent to realdomain.com. > > > > This is done with the following configuration: > > > > virtual_alias_domains = virtualdomain.com > > > > virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-email2email.cf > > > > virtual_mailbox_domains = realdomain.com > ... > > The problem is with DSN for success messages: they're not returned for > > emails sent to @virtualdomain.com, but are for ones sent to > > @realdomain.com (which aren't a virtual on it's own). > > When an alias is 1-many or when a virtual address is aliased to a > (different) real address, Postfix will send a DSN with action=expanded for the virtual > address. So maybe you should look for Postfix logs with "action=expanded" > notificiations. > > The reason for sending an action=expanded DSN (with the virtual address in the > "Final-Recipient:" field) instead of action=success (with the real address in the > "Final-Recipient:" field) is that Postfix tries to avoid revealing the real address to the > sender. I can't find that information on postfix logs. Is there anything that I should activate to log it? And as we're at logs, is there any configuration that enables logging of emails for which a success DSN (delivery receipt) was requested? Nuno Pereira G9Telecom Portugal smime.p7s Description: S/MIME cryptographic signature ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Success DSN for virtual mailboxes not working
> De: Benny Pedersen via Postfix-users > Enviada: 30 de março de 2023 21:20 > Para: postfix-users@postfix.org > Assunto: [pfx] Re: Success DSN for virtual mailboxes not working > > Nuno Pereira via Postfix-users skrev den 2023-03-30 20:29: > > > We have tried to figure out why this happens, but haven't found a > > solution until now. > > logs ? I don't find anything relevant in logs: just an indication that a DSN was sent when it's the case, and nothing when it doesn't: Mar 31 10:32:42 postfix/bounce[1305381]: E27BF2361: sender delivery status notification: 6A9202190 > > It should be mentioned that failure notifications are sent from > > @virtualdomain.com when it's the case. > > i don't know yet > > note hopefully you dont use catch all domains ? Yes, we have catch all domains: virtualdomain.com is a catch all that redirects for realdomain.com > ___ > Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email > to postfix-users-le...@postfix.org smime.p7s Description: S/MIME cryptographic signature ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
