Hello,
I have been setting up a new mail server for our organization which has
different mailservers, one for each subdomain. The new server, will take
over the whole organization using LDAP and Postfix/Dovecot and things up
to now are looking (almost) nice.
However, I have this problem:
C
Jones wrote:
On 7/29/2010 8:07 AM, Nikolaos Milas wrote:
Hello,
I have been setting up a new mail server for our organization
which has different mailservers, one for each subdomain. The
new server, will take over the whole organization using LDAP
and Postfix/Dovecot and things up to now are
On 30/7/2010 4:14 μμ, Noel Jones wrote:
Please don't top-post. Please don't post HTML crap mail.
OK, Thanks.
No, bare user names won't match random domains. The lookup search
orders is documented in virtual(5).
Hmm, I tested in my installation and found that using a bare user name
in
Hi,
I am using this piece of code to restrict access to some mail aliases
(only clients from the allowed IP addresses are permitted to send email
to the protected email addresses):
smtpd_restriction_classes = allowed_list1
allowed_list1 = check_client_access hash:/etc/postfix/client_acc
Thanks Wietse,
Sorry, I didn't notice in the documentation.
Could you please suggest any alternative with using subnetting for this
purpose?
Otherwise, we would have to include a very large number of unique IP
addresses in a hash file for client access control.
Thanks again,
Nick
On 7/2/
Sorry Wietse,
I don't understand.
You mean I shouldn't have changed the true domain names / IP addresses
in my email? (I usually do in mailing list posts, it's considered proper
conduct.)
If it's needed, I can provide the actual domain names / networks / files.
Would you please clarify?
Th
Thans Brian,
But, could I have used "allowed_list1= check_client_access
cidr:/etc/postfix/client.cidr,reject" ? Is this feasible?
I understand from Wietse's feedback that I couldn't use CIDR lookups in
a smtpd_restriction_classes statement which is used in a hash table in
smtpd_recipient_res
OK Brian,
Per your advice, I modified it as below:
smtpd_restriction_classes = allowed_list1
allowed_list1= check_client_access cidr:/etc/postfix/client.cidr,reject
smtpd_recipient_restrictions =
hash:/etc/postfix/protected_destinations,permit_mynetworks,permit_sasl_authenticated,re
I have parenthetically asked in another - solved - thread if postfix
offers the ability to control access to specific mail addresses using as
a key the authenticated usernames (and got no reply).
So, I am posting this as a new thread, hoping that someone has faced
this scenario.
The idea is:
Thanks Jeroen,
I checked the documentation and I think smtpd_sender_login_maps might do
the trick.
Does anyone know if a many-to-many (M-to-M) mapping is allowed in these
maps? That is, the following example is valid (a hash file)?
ma...@example.com user1
ma...@example.com u
Thanks Ralf,
That means that the following format should be OK?
ma...@example.com user1,user2,user3
ma...@example.com user1,user2
ma...@example.com user1,user3
This is still a M-to-M mapping (many mail addresses are mapped to many
SASL login usernames), it's just format
You may want to try pflogsumm. It's a perl script. See
http://jimsun.linxnet.com/postfix_contrib.html.
Nick
On 9/2/2011 7:59 πμ, meyer-jor...@t-online.de wrote:
I would be surprised if no one before was interested in clearly
readable and
complete mail lists...
H.
You could try using restriction classes, as documented:
http://www.postfix.org/RESTRICTION_CLASS_README.html
For example:
smtpd_restriction_classes = restr_class1
restr_class1= check_sender_access
hash:/etc/postfix/somesenders,permit_mynetworks,reject
smtpd_recipient_restrictions =
hash:/etc/
Thank you Noel,
After searching for a while, I found your info/solutions were complete
and accurate.
Locking sender addresses with authenticated users appears to be a good
practice, anyway.
Here, I have two questions about reject_sender_login_mismatch:
1. If sender is in the form "f...@e
Thank you Harald,
Please, let me ask for some clarifications, cause I'm confused:
If we have (SASL) UNauthenticated clients (who are allowed to send
emails from mynetworks) AND (SASL) authenticated clients (in mynetworks
or anywhere), what will happen to our UNauthenticated clients (in
mynetw
Thanks Noel,
for the detailed info.
In the meantime, I had already tested, and here are the test
results, for reference (tested by removing ownership of f...@example.com
by foo and logging in (in scenario II) as user foo):
I. 1 --->a (mes
(I'm sending again, because by mistake the message I sent before was in
html form.)
Thanks Noel, for the detailed info.
In the meantime, I had already tested, and here are the test results,
for reference (tested by removing ownership of f...@example.com by foo
and logging in (in scenario II)
complication, and thanks again for your detailed analysis.
I believe this explanation should find its way into the documentation,
because I am afraid the explanation of the three directives is otherwise
obscure.
All the best,
Nick
On 11/2/2011 5:58 μμ, Nikolaos Milas wrote:
Thanks Noel, for the
Hello,
Although I'm using virtual_mailbox_limit (in main.cf), it seems it's not
being observed. I set it to: 314572800 (300MB), but I see our users have
sometimes larger mailboxes.
Should I do something more to enforce the limit?
Please advise.
Thanks,
Nick
Follows my config (postconf -n):
Thanks Witsie,
Could the use of an IMAP client program (workstation-based or web-based,
like Squirrelmail) to access the incoming ("new/" Maildir) mailbox,
somehow override the directive?
Or, what other, common tools could cause such an override?
Our users are virtual, and don't have shell o
Wietse,
Would you have any plans to integrate in Postfix support for global AND
per user mailbox quotas supporting both Maildir and MBOX?
This is a frequently needed feature, as I am sure you are aware. Of
course, everything is always a matter of priorities and policies for the
Postfix proje
OK guys,
I'll set up quotas in Dovecot and see how it goes.
I've also just installed (compiled from source on CentOS 5.5) Postfix
2.8.0 with VDA (just published for 2.8.0), and I will experiment with
all the available settings.
Just a question: If quota is useless on the MTA, why there is al
n" ?
Nick
On 18/2/2011 11:58 πμ, Nikolaos Milas wrote:
I've also just installed (compiled from source on CentOS 5.5) Postfix
2.8.0 with VDA (just published for 2.8.0), and I will experiment with
all the available settings.
Hi,
Our mail server (vmail.example.com) uses Postfix (with ldap backend for
table lookups). However, in our domain (example.com) mail is always
reaching us through a gateway (which is defined as an MX for our
domain), say mailgw.example.com. This is a mail appliance (Cisco
Ironport) which fil
You mean you want to allow (SASL) authenticated clients (wherever they
are) and allow them only to send from their true ("local") mail address?
For example, if your hosted domain is example.com and the user's mail
address is us...@example.com, you want the user to (SASL) authenticate
as userx
You can:
# Define address ownerships:
smtpd_sender_login_maps = hash:/etc/postfix/mailloginmap
# Reject the request if ownership is not observed
smtpd_sender_restrictions = reject_sender_login_mismatch
# /etc/postfix/mailloginmap:
a...@example.com A
a...@example.com A
a...@example.com A
a...@exa
I'm asking trying to learn:
Is there a benefit of using LMTP for local delivery when using Dovecot?
Why not use Dovecot LDA (without using LMTP)?
In Postfix documentation, I've read about lmtp that "The advantage of
this setup is that one Postfix machine can feed multiple mailbox servers
ove
Just my 2c:
Here:
http://stevejenkins.com/blog/2011/01/building-postfix-2-8-on-rhel5-centos-5-from-source/
you can find directions to build Postfix from source, fully-compatible
with CentOS Postfix packages.
The above process should be identical in RHEL 5.
I have found that building/upgradin
A question related to those settings:
When we activate these settings (in v. 2.8.1) duplicates are eliminated
indeed, but in the logs I see that there is no more any indication of
the original recipient.
Is it possible to have both duplicate elimination AND (additional)
logging of the origin
Sorry Wietse,
I would never say Postfix is a probabilistic machine - we all trust it
fully.
But, if a message is sent to: a...@example.com, j...@example.com,
n...@example.com and jack is a member of group aliases: all and noc, and
even jack is an alias to real address: jack.br...@example.com
On 12/3/2011 5:55 μμ, Wietse Venema wrote:
There is no code to store multiple original recipients with each
recipient in queue files, to read multiple original recipients from
queue files, to log multiple original recipients, to prepend multiple
X-Original-To: headers upon delivery, or other cod
On 12/3/2011 7:03 μμ, /dev/rob0 wrote:
That ONE message, a "maildir file", is subject to
virtual_mailbox_limit. The maildir structure itself is not.
As discussed earlier in this thread, in order to enforce maildir quotas
the best solution is to use Dovecot with LDA or LMTP and define quotas
If you use:
enable_original_recipient = no
...then Postfix will suppress duplicates (but, unfortunately, it will no
more log all original recipients).
See this thread:
http://tech.groups.yahoo.com/group/postfix-users/message/275275
Nick
On 15/3/2011 11:03 πμ, Rindra RAZAFIMBELO wrote:
Hi,
I
On 16/3/2011 3:22 μμ, Voytek Eymont wrote:
I have postfix 2.4.5 with several virtual domains in mysql/postfixadmin
one of the hosted virtual domains moved off the mail server
If you have virtual aliases for that domain, they are always applicable,
even if the domain is not parked there.
Nic
On 17/3/2011 5:39 πμ, Voytek Eymont wrote:
ahem, where do I unalias it..?
search for domain.tld in /etc/postfix/ with no avail?
cd /etc/postfix
# grep domain.tld *
I only wanted to point to the fact that if you have explicit aliases
using domain.tld in your:
virtual_alias_maps = proxy:mys
On 6/4/2011 1:20 μμ, Tolga wrote:
Hi,
I have just tried with another user I added with postfixadmin, and I
am still getting that permission error. So, I am wondering what
/var/mail/vhosts permissions and owning user:group should be? chmod
777 works but I know 777 is evil, so I chmod'd 770 and
On 6/4/2011 1:55 μμ, Tolga wrote:
I have just checked, uid/gid 8 is vmail and the directory is owned by
vmail:vmail, and I just chmod'd to 700. It still doesn't work :(
Hi,
I don't know what OS you are using, but I see you are not using the
natural home dir of the vmail user (should be mo
On 24/4/2011 5:09 πμ, Evan Platt wrote:
Enforce a better password policy - our work password policy is minimum
My 2c:
Check your server logs to see if someone found some password(s) by
brute-force (you'll see multiple failed logins).
* If yes, enforce a strict password policy as sugges
On 3/5/2011 1:35 πμ, Steve Jenkins wrote:
I actually didn't have it in either - I was under the (apparently
false) impression that just putting the exclude in yum.conf would
apply to any repo. It's in the CentOS-Base.repo file in [base] and
[updates] now, tho. Thank you. :)
I also have serve
Hi,
We are running Postfix 2.8.1 with Dovecot 1.2.12 on CentOS 5.6 (64 bit)
on a VM. The system is in production.
From time to time (about 2-3 times a week), I get an error "fatal: lock
file defer : defer service failure". After that, it seems to
continue normally, without any intervention.
On 23/5/2011 8:55 πμ, Nikolaos Milas wrote:
Can someone please provide some insight to the problem and suggest a
solution?
With some googling I found this rather old message:
http://archives.neohapsis.com/archives/postfix/2004-03/2663.html where
Wietse suggested to increase the
On 27/5/2011 10:42 πμ, Thomas Berger wrote:
Hi Kurniawan,
this is the default. Please have a look at the great docs:
http://www.postfix.org/SMTPD_ACCESS_README.html
In two words: Do not open access to external IP addresses (except
perhaps particular trusted ones!) unless you restrict acces
On 23/5/2011 9:26 πμ, Nikolaos Milas wrote:
With some googling I found this rather old message:
http://archives.neohapsis.com/archives/postfix/2004-03/2663.html where
Wietse suggested to increase the var_flock_tries undocumented
parameter in main.cf (from 20 to 40).
Would this suggestion be
On 23/6/2011 9:13 πμ, kshitij mali wrote:
Hi have seen all the readme file explaining install support for
individual feature such as dovecot only or mysql only.
My direct question is give me the command or syntax atleast for
bulding the postfix for all of the supported feature .
If you u
Hi,
We are using Postfix 2.8.3 with Dovecot 2.0.13 on CentOS 5.6.
The problem we have is that sometimes, due to mail sender's error when
composing a message, the sender attempts to send an email to "@noa.gr"
(without specifying the user part of the address). This results in a
Postfix error du
On 23/6/2011 6:11 μμ, Victor Duchovni wrote:
However, if none of the above is useful, you can I believe use:
-d ${user:no-such-user}
this may not be documented in the pipe(8) manual page, if sothink this
is a rare documentation oversight. Almost universally, undocumented
Postfix behavio
On 15/7/2011 11:48 πμ, Pol Hallen wrote:
I've only one production server, I'd like keep copy (on this server) of
all emails.
carbon copy :-)
Use:
always_bcc = mailstore@localhost
See: http://www.postfix.org/postconf.5.html
Nick
smime.p7s
Description: S/MIME Cryptographic Signature
On Mon, Aug 01, 2011 at 02:52:31PM +0300, Vasil Mikhalenya wrote:
Hi all,
I can not find solution for the following problem:
if I send mail to user1@mydomain, and list1@mydomain
and /etc/aliases contains list1: user1,user2
postfix duplicates email for the user1(2 identical email delivered to
us
Hi everyone,
A quick question: message_size_limit refers to the MIME-encoded (base64)
"final" message size or to the initial (non-encoded) size of message +
attachments?
(Encoded message size should be about 30% larger than the original, so
if we want to allow attachments of max size e.g. 30
On 5/8/2011 5:12 μμ, Magnus Bäck wrote:
A quick question: message_size_limit refers to the MIME-encoded
(base64) "final" message size or to the initial (non-encoded) size
of message + attachments?
The former. That's the only representation of an email that's ever sent
or stored.
Thanks,
Nick
On 18/2/2011 6:48 μμ, Victor Duchovni wrote:
On Fri, Feb 18, 2011 at 06:43:28PM +0200, Nikolaos Milas wrote:
What is the suggested way to configure Postfix to play this role, i.e. to
simply send all incoming (clean, after filtering) mail to another mail
server?
http://www.postfix.org
On 3/9/2011 9:41 μμ, Noel Jones wrote:
To accept mail for specified subdomains, add those domains to the
relay_domains parameter. This is the recommended solution.
Thanks Noel,
And to route incoming mails to different mail servers would we use:
transport_maps = hash:/etc/postfix/transpor
On 3/9/2011 10:10 μμ, Noel Jones wrote:
Yes, although you may want to use relay: rather than smtp: as the
transport name. The different name allows postfix to more efficiently
schedule delivery for those domains, and allows you to use different
relay delivery settings if needed. -- Noel Jones
Hello,
To build on CentOS from source and get an installation with standard
features (as provided in CentOS standard Postfix RPMs) we use:
make makefiles \
CCARGS='-fPIC -DUSE_TLS -DUSE_SSL -DUSE_SASL_AUTH \
-DUSE_CYRUS_SASL -DPREFIX=\"/usr\" \
-DHAS_LDAP -DLDAP_DEPRECATED=1 \
-DHAS_PCRE -I/us
On 3/9/2011 11:09 μμ, Noel Jones wrote:
If we use:
relay_recipient_maps =
(that is, empty) then *all* recipients for the hosted domains (those
listed in relay_domains) are accepted/forwarded?
Yes. That turns you into a backscatter source, clogging your queue
with undeliverable mail and ev
On 5/9/2011 3:26 μμ, Nikolaos Milas wrote:
So, in order to implement such a solution, would it be sufficient to
do something like the following, on the *gateway* mail server:
smtpd_recipient_restrictions =
permit_mynetworks, reject_unverified_recipient
Thanks to Noel (and to the Postfix community in general) for the
guidance, my mail gateway is now running (still in test mode), together
with spamassassin, clamav and amavis-new.
Now, one more thing:
Since this is just a relay, mail is not stored locally; yet, I would
like to train spamassass
On 9/9/2011 4:00 μμ, Wietse Venema wrote:
If you don't use permit_mynetworks at all (check with: "postconf |
grep permit_mynetworks"), then mynetworks can be empty.
Thanks Wietsie,
mynetworks = 127.0.0.1/32 [::1]/128
seems the right solution.
In fact I am using permit_mynetworks as the firs
On 9/9/2011 3:14 μμ, Nikolaos Milas wrote:
Since this is just a relay, mail is not stored locally;
...
So I was thinking I should configure postfix/spamassassin to keep
local copies of spam (to be also available for checking using IMAP)
and non-spam mail so as to make training feasible
On 9/9/2011 5:52 μμ, jeffrey j donovan wrote:
use local recipient map for your local users and transport maps for the
delivery of others. You will have to tell amavisd how to relay local and remote.
do what Weiste said and allow programs to relay mail via localhost.
Thanks Jeffrey,
I guess w
I would suggest you to use source code and build according to these
directions:
http://stevejenkins.com/blog/2011/01/building-postfix-2-8-on-rhel5-centos-5-from-source/
I use SASL, LDAP, TLS and all are supported with the default CentOS
configuration options as described on that page.
That's
On 5/10/2011 10:23 πμ, Shane Chrisp wrote:
no problems, but I am having trouble working out how I will be able to
add domain to domain aliases and also catchall
accounts for domains. Personally I hate catchall accounts for domains,
but some customers just have to have them, or
...
using the Pham
On 5/10/2011 3:17 μμ, Shane Chrisp wrote:
Hi Nick,
Thank you very much for your reply. From that setuo I can see how to
setup a catchall with a minor change to our current setup.
The domain to domain alias is a way of saying that we have a real
domain of dom1.tld and another domain od dom2
On 5/10/2011 8:47 μμ, Shane Chrisp wrote:
If I cant find a way of working around the domain aliasing, it wont be
the end of the world.
You might want to read this thread:
http://tech.groups.yahoo.com/group/postfix-users/message/239812
After some thought, you could try adding to virtual_alia
On 5/10/2011 10:20 μμ, John Baker wrote:
We have been having some trouble with Temporary lookup failures from
ldap lookup timeouts and I have been trying to find ways to solve the
problem. One thing I would like to do is cut down on the volume of
lookups by skipping virtual alias lookups if th
On 6/10/2011 6:38 μμ, Viktor Dukhovni wrote:
Rather, group expansion MUST ONLY happen when in alias_maps
or virtual_alias_maps, where you are replacing an address
with one or more target addresses.
Exactly. See here for an implementation:
http://www.openldap.org/lists/openldap-technical/20110
I have two identical CentOS 6 servers using
postfix-2.6.6-2.1.el6_0.x86_64 (provided as a standard distribution
package through the repos).
On these boxes, postfix only serves as local mail server (just to send
mail from the local system).
One of them obeys .forward file for root account whi
On 13/10/2011 2:05 μμ, Wietse Venema wrote:
To find out what system call is failing, see the strace instructions
in http://www.postfix.org/DEBUG_README.html, and compare strace results.
Thank you Wietsie.
(In the meantime I upgraded to postfix v2.8.5 but the behavior didn't
change.)
I ran
On 13/10/2011 4:59 μμ, Wietse Venema wrote:
You need to STRACE the program that reads .forward files! That would
be the local(8) delivery agent.
Thanks Wietsie,
I ran with:
local unix - n n - - local -D -vv
and found:
Oct 13 17:48:47 vpnspot postfix/local[12683]: deliver_dotforward[3]:
lo
On 13/10/2011 6:40 μμ, Wietse Venema wrote:
A few messages ago, I asked this:
To find out what system call is failing, see the strace instructions
in http://www.postfix.org/DEBUG_README.html, and compare strace results.
Hi Wietse,
First, I found the cause: It was selinux (once more...). Alt
On 13/10/2011 9:36 μμ, Wietse Venema wrote:
The DEBUG_README example has a ';' between PATH=stuff and '('.
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin;
(truss -p $process_id 2>&1 | logger -p mail.info)& sleep 5
Without this ';' you have a syntax error.
Ahh,
On 17/10/2011 11:16 πμ, lupin...@gmx.net wrote:
is it possible to configure postfix as "smarthost" in the sense, that it
1) accepts mails from the internet and then forwards them to the "real"
mailserver?
You might want to read this thread too:
http://www.mail-archive.com/postfix-users@postf
Hello,
I have mail_version = 2.8.3 on CentOS 5.7 (x86_64).
Everything is running OK; the server only accepts local or authorized
(using STARTTLS) connections, as there is another mail gateway
receiving/filtering and delivering locally to this one.
STARTTLS is configured and works fine.
In /
On 25/10/2011 3:01 μμ, Charles Marcus wrote:
You want to uncomment these lines:
...
Thank you very much Charles,
I got confused.
Perhaps, since this is a fairly standard scenario, it might be useful to
include details on enablement of port 587 TLS/SSL service in
http://www.postfix.org/TLS
On 26/10/2011 10:29 πμ, Nerijus Kislauskas wrote:
On 10/25/2011 03:09 PM, Nerijus Kislauskas wrote:
So why it is important to return something from LDAP in order to be
*sure* entry exists? Search without result_attribute responds with 1
match. Why it can't be a key for descision, that there is
On 26/10/2011 12:06 μμ, Nerijus Kislauskas wrote:
you miss a point. It's not about the usage of one or another postfix
config parameter. It is about postfix behavior based on LDAP protocol
search operation/results.
Sorry, I misread your initial post.
Nick
smime.p7s
Description: S/MIME Cryp
On 27/10/2011 12:59 πμ, Nerijus Kislauskas wrote:
(a) group needs "read" permission on result_attribute attributes, while
(b) group needs only "search" permission. What I want from all ot this,
that postfix would be able to work with minimal required ldap access
permissions. And now you require
On 31/10/2011 6:07 μμ, Amira Othman wrote:
I am trying to upgrade postfix version form 2.3 to 2.7 but each time I
finish installing rpm I get error
Since you are in CentOS (as you describe in earlier posts), I would
suggest you to follow these *easy* directions and upgrade to 2.8 (latest
On 7/11/2011 5:41 μμ, Leslie León Sinclair wrote:
But I need to put quota in my webmail
Hi,
Use postfix and dovecot, with lda or lmtp and setup quotas in dovecot.
See: http://www.dovecot.org/list/dovecot/2011-February/057630.html
Hope that helps,
Nick
smime.p7s
Description: S/MIME Crypto
On 2/12/2011 8:02 πμ, email builder wrote:
No other people have systems for doing this?
Perhaps a bit late in this thread, but we are using Mondo Archive (on
CentOS 5.7) and it works great; quite flexible and with easy and
effective restore.
Check: http://www.mondorescue.org/
A short intr
Hello,
I am using postfix, amavisd-new, spam assassin, clamav on a gateway system.
A short question (I know it's a bit off-topic but I know that people
here run similar systems):
I've read how to release and/or forward quarantined mail. But can I read
the quarantined mails in situ (i.e. in t
On 4/1/2012 10:04 πμ, Michael Maymann wrote:
All recommendations are welcome.
As has been discussed in the past, pflogsumm + mailgraph is a very
effective combination.
See:
http://www.howtoforge.com/postfix-monitoring-with-mailgraph-and-pflogsumm-on-debian-lenny
(Earlier discussion: e.g
Hello,
When defining options for the submission port (587) daemon in master.cf,
we must re-define explicitly all smtpd_* settings or not, or some
(*which?*) are inherited from the standard main.cf settings? More
specifically, should we define separately:
submission inet n - n
On 19/1/2012 8:54 μμ, Mark Alan wrote:
This will give you a fairly secure submission:
submission inet n - - - - smtpd
-o syslog_name=postfix-submission
-o tls_preempt_cipherlist=yes
-o smtpd_tls_mandatory_ciphers=high
-o smtpd_tls_exclude_ciphers=DES,3D
On 19/1/2012 7:06 μμ, Noel Jones wrote:
or define the restriction in main.cf and refer to it
...
(or make up your own macro names)
Thank you all for your valuable suggestions.
These "macro names" seem really interesting. Can we use them in main.cf
too (to define sets of restrictions) and how
Hello,
As our internal (main) mail server only accepts mail from two mail
gateways and users submit their mail through submission port (587), I am
planning to explicitly allow accepting mail on port 25 ONLY by our mail
gateway servers (and the mail server itself). So, in main.cf:
smtpd_clien
Hi,
Is there a solution to display stats on how many of the incoming smtp
connections were using port 25 and how many of them 587 (or other
custom)? (We are still allowing client connections to port 25.)
We are using pflogsumm (with --smtpd_stats options), but smtp stats
don't differentiate
On 20/1/2012 12:55 μμ, Charles Marcus wrote:
# reject all clients not matching anything above, and be damn sure
# to comment out the last reject under recipient_restrictions
#
0.0.0.0/0 reject unauthorized client, please use our MX
You mean to remove "reject" from *smtpd_client_restri
On 20/1/2012 4:47 μμ, James Seymour wrote:
[snip]
In the logging you will see postfix/smtps/smtpd,
postfix/submission/smtpd and postfix/smtpd.
[snip]
Two things (addressed to the OP and other readers):
1. This will break Pflogsumm. It expects to see "postfix/smtpd"
2. (1) is easil
On 20/1/2012 3:24 μμ, Nikolaos Milas wrote:
# reject all clients not matching anything above, and be damn sure
# to comment out the last reject under recipient_restrictions
#
0.0.0.0/0 reject unauthorized client, please use our MX
You mean to remove "reject&
On 20/1/2012 10:54 μμ, Wietse Venema wrote:
> seems to me the same to use:
> smtpd_client_restrictions = check_client_access
> cidr:/etc/postfix/gwservers.cidr
> where gwservers.cidr is:
> xxx.xxx.xxx.xxx OK
> xxx.xxx.xxx.xxx OK
> 0.0.0.0/0 reject unauthori
On 21/1/2012 2:49 πμ, Wietse Venema wrote:
Try using strace. See http://www.postfix.org/DEBUG_README.html
Trying to help from my past experience, I add here some details on this
(I used Postfix 2.8.5 on CentOS 6 64bit):
I added in /etc/postfix/main.cf:
debugger_command =
PATH=/bin:/usr/bin:
On 26/1/2012 1:09 πμ, Charles Marcus wrote:
However, we could formulate gwservers.cidr as (for example):
>
> xxx.xxx.xxx.xxx OK
> xxx.xxx.xxx.xxx OK
> 127.0.0.1 OK
> :::::: OK
> :::::OK
> ::1
On 2/2/2012 12:01 πμ, Reindl Harald wrote:
rebuild postfix usually is a work of 5 minutes
was there and distributed 2.8.8 two hours ago to 20 machines via RPM
Hi,
Where can we find a 2.8.x .src.rpm with *standard* Centos 5 postfix
features (ldap, sasl, tls etc.)
Thanks,
Nick
On 1/2/2012 6:00 μμ, James Seymour wrote:
rel-1.1.4 20120201
Thank you James for offering and supporting this great tool.
I have upgraded to v1.1.4 and it runs smoothly on our CentOS 5.7.
A question on pflogsumm:
Is there a way to include stats on SMTPD connections from particular
or
Hello,
In the logs, there are cases where some message seems to be coming from=<>.
This seems to be happening when local Postfix returns some delivery
report to sender (sender delivery status notification).
In such cases PFLOGSUMM, instead of a domain name or full sender
address, displays in
On 4/2/2012 7:58 μμ, Nick Bright wrote:
The only thing I have found is ConfigServer firewall:
http://configserver.com/cp/csf.html
It is a dynamic firewall containing a "login failure daemon" that
monitors for failed logins on various services, and blocks offending
IP's based on your defined
On 7/2/2012 2:47 μμ, Denis Witt wrote:
Hi,
I wonder if there is an easy solution to disallow a specific sender
(From-Header) to send e-mails to non $mydestination addresses.
Thanks in advance for any hint.
Check smtpd_sender_restrictions and/or smtpd_client_restrictions, as
well as restr
Hello,
I've noticed that message Received headers do not include the
envelope-from address.
Is there a way to include the envelope-from address in message Received
headers?
I am running Postfix 2.8.x (built from source).
Thanks,
Nick
On 13/2/2012 10:24 πμ, Peter wrote:
It's the Return-Path header.
Great Peter!
Thanks.
Nick
1 - 100 of 318 matches
Mail list logo