[pfx] Re: local sending
Wietse Venema wrote in <4r0ss907yqzj...@spike.porcupine.org>: |Ken Gillett via Postfix-users: |> I disagree about Apple. In this respect they most definitely ARE |> idiots. Email addresses do NOT require anything after the @. That |> simply means the user of that name on the current host. If they | |Postfix by design makes this impossible; it was written as a |networked MTA. If you run it on an isolated instance, you can use |username@localdomain. I once had a feature request, Predrag asked for expansion of A valid local user `' in angle brackets (an invalid address) and if i recall correctly said that postfix auto expands this, and so i did implement it. Maybe this is what the op means? Works! $ command -v sendmail /usr/sbin/sendmail $ pkginfo -o $(command -v sendmail) Package File postfix-lmdb usr/sbin/sendmail $ ' #?0|kent:~# tail -n 5 /var/log/mail Jul 11 23:18:57 (none) postfix/pickup[25415]: 8EA6BE2781: uid=1000 from= Jul 11 23:18:57 (none) postfix/cleanup[777]: 8EA6BE2781: message-id=<20230711211857.8ea6be2...@kent.sdaoden.eu> Jul 11 23:18:57 (none) postfix/qmgr[1200]: 8EA6BE2781: from=, size=258, nrcpt=1 (queue active) Jul 11 23:18:57 (none) postfix/local[779]: 8EA6BE2781: to=, orig_to=, relay=local, delay=0.07, delays=0.07/0/0/0, dsn=2.0.0, status=sent (delivered to mailbox) Jul 11 23:18:57 (none) postfix/qmgr[1200]: 8EA6BE2781: removed --steffen | |Der Kragenbaer,The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: local sending
Ken Gillett via Postfix-users: > I disagree about Apple. In this respect they most definitely ARE > idiots. Email addresses do NOT require anything after the @. That > simply means the user of that name on the current host. If they Postfix by design makes this impossible; it was written as a networked MTA. If you run it on an isolated instance, you can use username@localdomain. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: local sending
I basically agree with you, but here's why so you don't keep banging your head on the wall. On Tue, 11 Jul 2023, Ken Gillett via Postfix-users wrote: [...] So, as I said, email to user@home works from other hosts on the LAN, but if I try to send using (postfix)sendmail on the Mini itself. There has to be some way to translate "home" in your example to a hostname; I don't think we disagree that that happens. The traditional way to do this was the hosts file. This is consulted before any attempt to engage in hostname lookup. Insert Active Directory here. (I'm ignoring yp.) After all of that, maybe the DNS is consulted. Wait, did I forget something? Oh yeah: search lists. Where do those come in exactly? So the point I'm making is that something is translating "home" to service, or translating "home" to something which can be translated to a service. Sometimes checks for whether "home" translates to a service are done at the application level, but oftentimes it's left to all of that directory service machinery. Don't assume that it happens the same everywhere, all the time. -- Fred Morris ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: local sending
> On Tue, Jul 11, 2023 at 09:11:25AM +0100, Ken Gillett via Postfix-users wrote: > > Anyway, using @home is acceptable and works from both the Mac Pro and > > a debian linux machine (and probably others) on the LAN. > > These arrive to the "server" Postfix instance via SMTP. > > > The problem > > however is that I simply cannot get email on the Mini Server itself to > > work. So, as I said, email to user@home works from other hosts on the > > LAN, but if I try to send using (postfix)sendmail on the Mini itself. > > it bounces:- > > > > status=bounced (Host or domain name not found. Name service error for > > name=home type=: Host not found) > > > > What I don't understand here is why postfix is trying to lookup > > 'home'. It is configured to accept mail in the 'home' domain and > > happily does so from any other host on the LAN, but why not on the > > Mini that's actually running postfix? > > This is **not** using the server Postfix code in /Library/Server. It is > using the default Postfix binaries in /usr/sbin/. Which as you already > observed have a different configuration. > > Put the /Library/Server/... binaries first on your PATH. Aha, good thinking. Yes the default postfix install is first in the PATH. I'll change that around and see how that goes. Thanks. Ken G i l l e t t _/_/_/_/_/_/_/_/ ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: local sending
> On Tue, Jul 11, 2023 at 09:11:25AM +0100, Ken Gillett via Postfix-users wrote: > > Postfix has been installed on the Mini for several years and I can > > send a message from e.g MacOS Mail.app on my Mac Pro to user@home and > > receive it in that account (also configured in same Mail.app). I > > wanted to be able to eliminate the @… completely, but Apple, in their > > infinite wisdom DO NOT ALLOW the use of an email address without an @, > > in some misguided belief it cannot therefore be a valid address. > > Idiots. > > They're not "idiots". Email addresses do need a domain part to have any > cross-system semantics. With a domainless address in the headers of a > message, replies may go astray, ... The world of isolated > mini-computers ended in the 1970s if not earlier. > > > The problem however is that I simply cannot get email on the Mini > > Server itself to work. So, as I said, email to user@home works from > > other hosts on the LAN, but if I try to send using (postfix)sendmail > > on the Mini itself. it bounces:- > > > > status=bounced (Host or domain name not found. Name service error for > > name=home type=: Host not found) > > > > What I don't understand here is why postfix is trying to lookup > > 'home'. It is configured to accept mail in the 'home' domain and > > happily does so from any other host on the LAN, but why not on the > > Mini that's actually running postfix? > > Post logs for a *successful* email transaction addressed to "@home". > Include all the logs for that queue id (smtpd, cleanup, qmgr, and the > final delivery agent). > > Similarly, post all the logs for the failure case. I'll sort out logs etc, but my external email is currently down (nothing to do with this postfix issue) so not receiving anything from this List. I disagree about Apple. In this respect they most definitely ARE idiots. Email addresses do NOT require anything after the @. That simply means the user of that name on the current host. If they are on a different host then you need to add …@host and if they are in a different domain, then you'll need …@host.domain. That is how it works and if you don't include part of what is needed, then the message will not be delivered. Simple. It is NOT up to the idiots at Apple to decide exactly what addresses you are ALLOWED to use, just in case we might make a mistake - in their eyes. To enforce such regulation and restriction is WRONG. In order to 'keep it simple', they are are actually PREVENTING the full legitimate and valid use of a local email address. This sort of draconian control is way out of hand. If Apple want to really help their users, then a polite reminder that an email address without an @ might not be correct would be ok, but to place a blanket control over everyone, preventing their legitimate use of email addressing is beyond acceptable. I recently had to set up emailing from the linux box and the server control web gui would similarly NOT let me enter user@home as a valid address. Instead just a red error message saying I must use a valid email address, simply because it had no dot/period. BUT IT IS VALID. More idiots, in this case preventing me from being able to email from that machine to the required recipient. THIS IS DUMB. I had to dig out the actual config file and edit that manually to set the correct address (no dot). This was then displayed in the GUI and worked perfectly. But the GUI has controls that prevented the entry of the valid and required email address. I say again, this is DUMB and this sort of nonsense drives me nuts. Devs just cannot seem to help trying to control everything to be how THEY think it should be, when in so many cases, THEY are wrong. Sorry. Apple devs who coded Mail.app to not allow the use of an email address without an @ are most definitely idiots. Still, at least they don't demand a dot as well. :-) Ken G i l l e t t _/_/_/_/_/_/_/_/ ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: warn_if_reject and MILTER
Wietse Venema via Postfix-users: > Patrick Ben Koetter via Postfix-users: > > Greetings, > > > > I was wondering if there's something similar to warn_if_reject when it comes > > to dry-run / test-run MILTER applications in Postfix. The documentation on > > warn_if_reject does not mention MILTERs, which usually means the feature > > isn't > > there because otherwise it would be documented, and the per-Milter settings > > in > > MILTER_README don't mention something I could use to warn_if_reject either. > > Correct. warn_if_reject operates on smtpd_mumble_restrictions, and > there is no "check_milter" action in smtpd_mumble_restrictions, for > the same reason that there is no "check_smtp_syntax" action. > > > Is that something worth to implement or should a dry-run test mode be left > > to > > each individual MILTER implementation? > > The Postfix Milter client currently does not implement an override > mechanism; the 'default_action' is used only when the Milter fails > to respond. > > It should be possible to specify a 'warn_if_reject=yes' Milter > attribute that overrides a specific Milter, and a corresponding > milter_warn_if_reject main.cf configuration parameter that overrides > all Milters. Much of the effort will be updating documentation. However, after a Milter rejects message, it may not expect to receive further events for that message. Ditto for the underlying libmilter implementation. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: warn_if_reject and MILTER
Patrick Ben Koetter via Postfix-users: > Greetings, > > I was wondering if there's something similar to warn_if_reject when it comes > to dry-run / test-run MILTER applications in Postfix. The documentation on > warn_if_reject does not mention MILTERs, which usually means the feature isn't > there because otherwise it would be documented, and the per-Milter settings in > MILTER_README don't mention something I could use to warn_if_reject either. Correct. warn_if_reject operates on smtpd_mumble_restrictions, and there is no "check_milter" action in smtpd_mumble_restrictions, for the same reason that there is no "check_smtp_syntax" action. > Is that something worth to implement or should a dry-run test mode be left to > each individual MILTER implementation? The Postfix Milter client currently does not implement an override mechanism; the 'default_action' is used only when the Milter fails to respond. It should be possible to specify a 'warn_if_reject=yes' Milter attribute that overrides a specific Milter, and a corresponding milter_warn_if_reject main.cf configuration parameter that overrides all Milters. Much of the effort will be updating documentation. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: [ext] warn_if_reject and MILTER
On Tue, Jul 11, 2023 at 04:28:54PM +0200, Ralf Hildebrandt via Postfix-users wrote: > If I remember correctly, soft_bounce is some sort of el-cheapo "replace > 5 with 4 in the output to the client"-thing. And thus should work even > with milters. Yes, but keep in mind that milters also can modify message content, adding or removing headers, modifying the body, quarantining the message, ... Those actions are irreversible. -- Viktor. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: [ext] warn_if_reject and MILTER
* Patrick Ben Koetter via Postfix-users : > Greetings, > > I was wondering if there's something similar to warn_if_reject when it comes > to dry-run / test-run MILTER applications in Postfix. The documentation on > warn_if_reject does not mention MILTERs, which usually means the feature isn't > there because otherwise it would be documented, and the per-Milter settings in > MILTER_README don't mention something I could use to warn_if_reject either. If I remember correctly, sof_bounce is some sort of el-cheapo "replace 5 with 4 in the output to the client"-thing. And thus should work even with milters. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | https://www.charite.de ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] warn_if_reject and MILTER
Greetings, I was wondering if there's something similar to warn_if_reject when it comes to dry-run / test-run MILTER applications in Postfix. The documentation on warn_if_reject does not mention MILTERs, which usually means the feature isn't there because otherwise it would be documented, and the per-Milter settings in MILTER_README don't mention something I could use to warn_if_reject either. Is that something worth to implement or should a dry-run test mode be left to each individual MILTER implementation? Regards, p@rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG,80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief Aufsichtsratsvorsitzender: Florian Kirstein ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: local sending
Dnia 11.07.2023 o godz. 09:31:01 Viktor Dukhovni via Postfix-users pisze: > > They're not "idiots". Email addresses do need a domain part to have any > cross-system semantics. On a LAN with dedicated gateway machine for outgoing mail, not necessarily. Within a LAN, host-only addresses should be enough, and if the mail is going outside, the gateway machine adds a domain part to all domainless addresses in the headers. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: local sending
On Tue, Jul 11, 2023 at 09:11:25AM +0100, Ken Gillett via Postfix-users wrote: > Anyway, using @home is acceptable and works from both the Mac Pro and > a debian linux machine (and probably others) on the LAN. These arrive to the "server" Postfix instance via SMTP. > The problem > however is that I simply cannot get email on the Mini Server itself to > work. So, as I said, email to user@home works from other hosts on the > LAN, but if I try to send using (postfix)sendmail on the Mini itself. > it bounces:- > > status=bounced (Host or domain name not found. Name service error for > name=home type=: Host not found) > > What I don't understand here is why postfix is trying to lookup > 'home'. It is configured to accept mail in the 'home' domain and > happily does so from any other host on the LAN, but why not on the > Mini that's actually running postfix? This is **not** using the server Postfix code in /Library/Server. It is using the default Postfix binaries in /usr/sbin/. Which as you already observed have a different configuration. Put the /Library/Server/... binaries first on your PATH. -- Viktor. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: local sending
On Tue, Jul 11, 2023 at 09:11:25AM +0100, Ken Gillett via Postfix-users wrote: > Postfix has been installed on the Mini for several years and I can > send a message from e.g MacOS Mail.app on my Mac Pro to user@home and > receive it in that account (also configured in same Mail.app). I > wanted to be able to eliminate the @… completely, but Apple, in their > infinite wisdom DO NOT ALLOW the use of an email address without an @, > in some misguided belief it cannot therefore be a valid address. > Idiots. They're not "idiots". Email addresses do need a domain part to have any cross-system semantics. With a domainless address in the headers of a message, replies may go astray, ... The world of isolated mini-computers ended in the 1970s if not earlier. > The problem however is that I simply cannot get email on the Mini > Server itself to work. So, as I said, email to user@home works from > other hosts on the LAN, but if I try to send using (postfix)sendmail > on the Mini itself. it bounces:- > > status=bounced (Host or domain name not found. Name service error for > name=home type=: Host not found) > > What I don't understand here is why postfix is trying to lookup > 'home'. It is configured to accept mail in the 'home' domain and > happily does so from any other host on the LAN, but why not on the > Mini that's actually running postfix? Post logs for a *successful* email transaction addressed to "@home". Include all the logs for that queue id (smtpd, cleanup, qmgr, and the final delivery agent). Similarly, post all the logs for the failure case. -- Viktor. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: where setup permit_mx_backup
Tom Reed via Postfix-users: > Greeting list, > > besides relay_domains, I can use permit_mx_backup to setup a secondary MX > server. permit_mx_backup should be used ONLY after reject_unverified_recipient, otherwise Postfix will accept mail for non-existent recipients, the Postfix mail queue will fill up with mailer-daemon messages, and your server may be blocklisted as a backscatterer. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] where setup permit_mx_backup
Greeting list,
besides relay_domains, I can use permit_mx_backup to setup a secondary MX
server.
I have these setup in main.cf:
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,
permit_mx_backup, reject_unauth_destination
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
permit_mx_backup,
reject_unauth_destination,
check_policy_service { unix:private/policyd-spf, default_action=DUNNO }
permit_mx_backup_networks = ip_of_primary_mx
That seems to be working.
my question is, do I need to put permit_mx_backup in both
smtpd_relay_restrictions and smtpd_recipient_restrictions sections?
Or putting in just smtpd_relay_restrictions section is fine?
Thank you & regards,
Tom R
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] local sending
My needs are simple. I just need to be able to send email from any host on the local network to postfix/dovecot on a Mac Mini server so that an IMAP client can receive and access the mail and since dovecot is using maildir, it does not see unix mail. Postfix has been installed on the Mini for several years and I can send a message from e.g MacOS Mail.app on my Mac Pro to user@home and receive it in that account (also configured in same Mail.app). I wanted to be able to eliminate the @… completely, but Apple, in their infinite wisdom DO NOT ALLOW the use of an email address without an @, in some misguided belief it cannot therefore be a valid address. Idiots. Anyway, using @home is acceptable and works from both the Mac Pro and a debian linux machine (and probably others) on the LAN. The problem however is that I simply cannot get email on the Mini Server itself to work. So, as I said, email to user@home works from other hosts on the LAN, but if I try to send using (postfix)sendmail on the Mini itself. it bounces:- status=bounced (Host or domain name not found. Name service error for name=home type=: Host not found) What I don't understand here is why postfix is trying to lookup 'home'. It is configured to accept mail in the 'home' domain and happily does so from any other host on the LAN, but why not on the Mini that's actually running postfix? Suggestions? Ken G i l l e t t _/_/_/_/_/_/_/_/ ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: which main.cf and postconf
Thanks Bill. Yes I then realised it must be the case that the binaries were compiled with different defaults. Just had initially assumed they would be the same. Explains why I was seeing what I was seeing. I would strip out all the OSX Server stuff, but as my long term intention is not to keep using MacOS(X) for this, I just want to keep this running until then. Hopefully you'll be able to help with the actual problem which I will post separately. Ken G i l l e t t _/_/_/_/_/_/_/_/ > On Mon 10 Jul 2023, at 18:43, Bill Cole via Postfix-users > wrote: > > On 2023-07-10 at 12:42:24 UTC-0400 (Mon, 10 Jul 2023 17:42:24 +0100) > Ken Gillett via Postfix-users > is rumored to have said: > >> From where is postconf getting its information? Does it have a config >> directory hard coded? > > Yes. Note: > > # strings > /Applications/Server.app/Contents/ServerRoot/usr/sbin/postconf |grep -i > '[a-z]/[a-z]' > /dev/null > open /dev/null: %m > /Library/Server/Mail/Config/postfix/usr/sbin > /Library/Server/Mail/Config/postfix/usr/bin/newaliases > /Library/Server/Mail/Data/spool > btree:$data_directory/postscreen_cache > /Applications/Server.app/Contents/ServerRoot/usr/local/man > /Library/Server/Mail/Config/postfix > dev:/dev/urandom > /Library/Server/Mail/Config/postfix/usr/bin/mailq > /var/mail > /Library/Server/Mail/Config/postfix/usr/sbin/sendmail > hash:/Library/Server/Mail/Config/postfix/aliases > /Library/Server/Mail/Data/mta > [...] > > # strings /usr/sbin/postconf |grep -i '[a-z]/[a-z]' > /dev/null > open /dev/null: %m > /var/mail > btree:$data_directory/postscreen_cache > /usr/sbin > /usr/sbin/sendmail > /usr/bin/newaliases > /usr/local/man > /usr/libexec/postfix > hash:/etc/aliases > /var/lib/postfix > /usr/bin/mailq > /etc/postfix > /var/spool/postfix > [...] > > Postfix is built with a set of defaults which are embedded in the > executables. These are subject to configuration at build time. You need to > use Postfix binaries like postconf which were built with the same > configuration as the running service. > > The basis of the confusion here is that Apple has shipped all versions of > MacOS X with a customized Postfix using "core system" defaults (/etc, /var, > /usr) since ~10.4. That version is built to be used as a local 'null client' > and is launched on demand when mail is submitted locally (e.g. using > /usr/sbin/sendmail, which is actually a Postfix interface) They also have the > "Server" package which puts a differently-customized version in an "add-on > software" tree under /Library/ (which is the "right" choice per Apple/NeXT > filesystem layout norms.) > > If you intend to stick with Server a while longer, you might want to edit > your .profile (or .login if you use csh) to add the useful paths to binaries > under /Applications/Server.app/Contents/ServerRoot/ to the start of your PATH > so that you use the Server versions by default. > >> Certainly it does not seem to follow the directory as applied to the running >> master process. How can 2 different postconf executables produce different >> results and which is correct? > > They produce different results because they were built with different > configurations, such that they have different embedded default parameters, > including the default location of config files. Each 'postconf' will provide > the configuration truth about the Postfix installation of which it is a part. > > > > -- > Bill Cole > b...@scconsult.com or billc...@apache.org > (AKA @grumpybozo and many *@billmail.scconsult.com addresses) > Not Currently Available For Hire > ___ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
