Dovecot + Postfix: virtual users Mailbox folder

2017-01-13 Thread mohamed 
I checked the mail log in /var/log and discovered that now errors happened
when sending the e-mail. However, I couldn't figure out where the incoming
e-mails will be stored in the system (I'm on Ubuntu 16.04 LTS).





--
View this message in context: 
http://postfix.1071664.n5.nabble.com/Dovecot-Postfix-virtual-users-Mailbox-folder-tp88255.html
Sent from the Postfix Users mailing list archive at Nabble.com.

connect to transport hash: No such file or directory

2012-05-02 Thread Mohamed Tahoon 
HI,

i am configuring my postfix daemon to forward mails to two different 
destinations mail servers (example1.com, example2.com)

while the folllowing warning messages appears every minute:
# tail -10 mail.warn
Apr 23 21:43:53 myservername postfix/qmgr[27933]: warning: connect to transport 
hash: No such file or directory
Apr 23 21:44:53 myservername postfix/qmgr[27933]: warning: connect to transport 
hash: No such file or directory
Apr 23 21:45:53 myservername postfix/qmgr[27933]: warning: connect to transport 
hash: No such file or directory
.
.



configuration as follows:

# postconf | grep relay
address_verify_relay_transport = $relay_transport
address_verify_relayhost = $relayhost
fallback_relay =
fast_flush_domains = $relay_domains
relay_clientcerts =
relay_domains = example1.com
relay_domains_reject_code = 554
relay_recipient_maps =
relay_transport = hash:/etc/postfix/transport
relayhost =
unknown_relay_recipient_reject_code = 550


# postconf | grep transport
best_mx_transport =
default_transport = smtp
defer_transports =
fallback_transport =
local_transport = local:$myhostname
mailbox_transport =
relay_transport = hash:/etc/postfix/transport
transport_maps = hash:/etc/postfix/transport
transport_retry_time = 60s
virtual_transport = virtual


cat /etc/postfix/transport:
example1.com :server1.xxx.domain1.net



Regards



The content of this email together with any attachments, statements and 
opinions expressed herein contains information that is private and 
confidential, are intended for the named addressee/s only. If you are not the 
addressee of this email you may not copy, forward, disclose or otherwise use it 
or any part of it in any form whatsoever. If you have received this message in 
error, please notify mail.ad...@etisalat.com by email immediately and delete 
the message without making any copies.

Re: Restricting mail relaying

2016-10-28 Thread Mohamed Lrhazi 
Thanks a lot!


On Fri, Oct 28, 2016 at 9:29 AM Noel Jones <njo...@megan.vbhcs.org> wrote:

> On 10/27/2016 10:17 PM, Mohamed Lrhazi wrote:
> > Been a long time since I used Postfix, sorry for this basic question.
> >
> > I have a Postfix server used internally by servers in the network to
> > send out mail. Itself relays all mail to an upstream server.
> >
> > How can I reject mail from given clients (list of IPs), but only if
> > destined for domains other than a given list of domains.
> >
> > am confused by the fact that for my Postfix, all mail is "relay"
> > mail...  and no domains are defined as "local"... so I can just say
> > restrict relaying to this list of clients.
> >
> > Thanks a lot,
> > Mohamed.
> >
>
> use a restriction class. First check_client_access to see if it's a
> restricted IP, then a check_recipient_access to see if it's an
> allowed destination, then a final reject for anything not allowed.
> Docs and some similar examples are here:
> http://www.postfix.org/RESTRICTION_CLASS_README.html
>
>
>
>   -- Noel Jones
>

Restricting mail relaying

2016-10-27 Thread Mohamed Lrhazi 
Been a long time since I used Postfix, sorry for this basic question.

I have a Postfix server used internally by servers in the network to send
out mail. Itself relays all mail to an upstream server.

How can I reject mail from given clients (list of IPs), but only if
destined for domains other than a given list of domains.

am confused by the fact that for my Postfix, all mail is "relay" mail...
 and no domains are defined as "local"... so I can just say restrict
relaying to this list of clients.

Thanks a lot,
Mohamed.

Re: Dovecot + Postfix: virtual users Mailbox folder

2017-01-13 Thread Mohamed Maalej 
Hi,

 Thank you for replying.

 I installed postfix on a Ubuntu machine (16.04 LTS)  using a Postgres
database which contains users and  aliases.
 I had a 550 (dovecot lmtp problem : userX does not exist).

 I have the following questions:

1 - How to get the system recognize virtual users when using sendmail ?
2 - How to link Thunderbird to my mail server so that I will be able to
retrieve incoming mails for virtual users ?
3 - How to fix a mailbox directory for incoming mails ?
4 - How to exchange mails with external peers ?

Attached to this e-mail, you will find main.cf (postfix), dovecot.conf
(dovecot) .

If you need to see  any other file, just let me know.

Regards,
Mohamed Maalej.

On Fri, Jan 13, 2017 at 5:09 PM, Dominic Raferd <domi...@timedicer.co.uk>
wrote:

> On 13 January 2017 at 15:27, mohamed <mohamedmaalej@gmail.com> wrote:
> > I checked the mail log in /var/log and discovered that now errors
> happened
> > when sending the e-mail. However, I couldn't figure out where the
> incoming
> > e-mails will be stored in the system (I'm on Ubuntu 16.04 LTS).
> >
>
> Usually mails are stored at /var/mail I think.
>


On Fri, Jan 13, 2017 at 5:09 PM, Dominic Raferd <domi...@timedicer.co.uk>
wrote:

> On 13 January 2017 at 15:27, mohamed <mohamedmaalej@gmail.com> wrote:
> > I checked the mail log in /var/log and discovered that now errors
> happened
> > when sending the e-mail. However, I couldn't figure out where the
> incoming
> > e-mails will be stored in the system (I'm on Ubuntu 16.04 LTS).
> >
>
> Usually mails are stored at /var/mail I think.
>


main.cf
Description: Binary data


dovecot.conf
Description: Binary data

Configuration problems (postfix, dovecot, postgresql, thunderbird)

2017-01-14 Thread Mohamed Maalej 
Hi,


I installed Postfix and Dovecot on a Ubuntu 16.04 LTS machine. I used
PostgreSQL as a database.

My configuration .txt file and the issues I found was hosted on Guthub:
https://github.com/MedMaalej/Postfix-Dovecot-setup

Please advise.


Regards,
Mohamed Maalej.

gmail using sasl auth? (Non postfix question)

2019-04-30 Thread Mohamed Lrhazi 
I hope you guys don't mind me asking here about a non Postfix issue.

I find this in the logs of our mail relay server. We are using google's
GSuite, but have a relay for some use cases...


Apr 30 09:03:59 idp-prod-2 postfix/qmgr[5631]: 02EBF3A402: removed
Apr 30 09:03:59 idp-prod-2 postfix/smtp[2920]: 02EBF3A402: to=<
us...@example.com>, relay=aspmx.l.google.com[173.194.207.27]:25,
delay=0.71, delays=0.08/0.03/0.19/0.41, dsn=2.0.0, status=sent (250 2.0.0
OK  1556629439 r127si3887981qkb.206 - gsmtp)
Apr 30 09:03:59 idp-prod-2 postfix/qmgr[5631]: 02EBF3A402: from=<
us...@example.com>, size=2370, nrcpt=1 (queue active)
Apr 30 09:03:59 idp-prod-2 postfix/cleanup[2919]: 02EBF3A402: message-id=<
cajgw3yovgh6fto9somazqewk2nd+lwv9zr7ejqojlbo-2nk...@mail.gmail.com>
Apr 30 09:03:59 idp-prod-2 postfix/smtpd[2847]: 02EBF3A402: client=
mail-ot1-f43.google.com[209.85.210.43], sasl_method=PLAIN,
sasl_username=user1


example.com is our domain, and user1 and 2 our valid users.I cannot figure
out why and how our users would be sending mail via our mail relay, with
the source IP address coming up as google's?

Am I misunderstanding the log lines?

Thanks a lot!
Mohamed.

Re: gmail using sasl auth? (Non postfix question)

2019-04-30 Thread Mohamed Lrhazi 
Thanks Noel. This sounds like a good clue the gmail app is used with a
custom SMTP server, which would be our mail relay... I will try and
reproduce this. I would expect the source IP address of the SMTP traffic to
be the client's device though,  not Google's.

On Tue, Apr 30, 2019, 2:18 PM Noel Jones  wrote:

> https://support.google.com/mail/answer/6078445
>
>
>
>
> On 4/30/2019 10:54 AM, Mohamed Lrhazi wrote:
> > I hope you guys don't mind me asking here about a non Postfix issue.
> >
> > I find this in the logs of our mail relay server. We are using
> > google's GSuite, but have a relay for some use cases...
> >
> >
> > Apr 30 09:03:59 idp-prod-2 postfix/qmgr[5631]: 02EBF3A402: removed
> > Apr 30 09:03:59 idp-prod-2 postfix/smtp[2920]: 02EBF3A402:
> > to=mailto:us...@example.com>>,
> > relay=aspmx.l.google.com
> > <http://aspmx.l.google.com>[173.194.207.27]:25, delay=0.71,
> > delays=0.08/0.03/0.19/0.41, dsn=2.0.0, status=sent (250 2.0.0 OK
> > 1556629439 r127si3887981qkb.206 - gsmtp)
> > Apr 30 09:03:59 idp-prod-2 postfix/qmgr[5631]: 02EBF3A402:
> > from=mailto:us...@example.com>>, size=2370,
> > nrcpt=1 (queue active)
> > Apr 30 09:03:59 idp-prod-2 postfix/cleanup[2919]: 02EBF3A402:
> > message-id=<
> cajgw3yovgh6fto9somazqewk2nd+lwv9zr7ejqojlbo-2nk...@mail.gmail.com
> >  cajgw3yovgh6fto9somazqewk2nd%2blwv9zr7ejqojlbo-2nk...@mail.gmail.com>>
> > Apr 30 09:03:59 idp-prod-2 postfix/smtpd[2847]: 02EBF3A402:
> > client=mail-ot1-f43.google.com
> > <http://mail-ot1-f43.google.com>[209.85.210.43], sasl_method=PLAIN,
> > sasl_username=user1
> >
> >
> > example.com <http://example.com> is our domain, and user1 and 2 our
> > valid users.I cannot figure out why and how our users would be
> > sending mail via our mail relay, with the source IP address coming
> > up as google's?
> >
> > Am I misunderstanding the log lines?
> >
> > Thanks a lot!
> > Mohamed.
>
>

Re: SPF IP addresses limit question

2020-02-23 Thread Mohamed Lrhazi 
Thanks all,

My question still was: Suppose I comply with all the recommendations and
best practices in composing my SPF records... Do I still need to worry
about the number of IP addresses (v4/v6/ciders) that I put in each record?

I guess if I could really stick with sub 512 bytes records, I could not put
more than 20ish ip4 mechanisms and even less if including ip6 ones. And
using includes I could not have more than 10 of such records.


On Sun, Feb 23, 2020 at 7:54 PM Viktor Dukhovni 
wrote:

> On Sun, Feb 23, 2020 at 06:44:34PM -0500, Mohamed Lrhazi wrote:
>
> > record flattening is the process of replacing include, and other lookup
> > generating mechanisms, with their resulting ip addresses.
> > My question is how many IPs can one put in a single spf record?
> >
> > It appears the RFC does not touch on this, so I guess it’s left to the
> > implementors to decide, and from my limited tests it seems to vary a lot.
>
> The most recent BCP recommendation for UDP DNS buffer size selection is
> 1232 bytes.  Therefore your TXT record along with any other DNS overhead
> (including any DNSSEC signatures if your domain is signed) should fit
> into at most 1232 bytes.  You can test with:
>
> dig +norecur +dnssec +novc -t txt example.com @ns1.example.com
>
> (where ns1.example.com is replaced by a suitable authoritative
> server for the domain), and see how big the response is.
>
> Some resolvers may limit DNS resposes further, and responses of 512
> bytes or less are sure to be sufficiently small.
>
> FWIW, google seems to have comparatively small SPF text records, and
> even advertises 512 bytes as the EDNS buffer size, but google.com is
> unsigned, so the small UDP limit becomes more practical.
>
> $ dig +norecur +dnssec +novc -t txt _netblocks.google.com @
> ns1.google.com
> ...
> _netblocks.google.com.  3600IN  TXT "v=spf1 ip4:
> 35.190.247.0/24 ip4:64.233.160.0/19 ip4:66.102.0.0/20 ip4:66.249.80.0/20
> ip4:72.14.192.0/18 ip4:74.125.0.0/16 ip4:108.177.8.0/21 ip4:173.194.0.0/16
> ip4:209.85.128.0/17 ip4:216.58.192.0/19 ip4:216.239.32.0/19 ~all"
> ...
> ;; MSG SIZE  rcvd: 286
>
> $ dig +norecur +dnssec +novc -t txt _netblocks2.google.com @
> ns1.google.com
> ...
> _netblocks2.google.com. 3600IN  TXT "v=spf1
> ip6:2001:4860:4000::/36 ip6:2404:6800:4000::/36 ip6:2607:f8b0:4000::/36
> ip6:2800:3f0:4000::/36 ip6:2a00:1450:4000::/36 ip6:2c0f:fb50:4000::/36 ~all"
> ...
> ;; MSG SIZE  rcvd: 218
>
> --
> Viktor.
>

SPF IP addresses limit question

2020-02-23 Thread Mohamed Lrhazi 
Hello all,

Sorry for a non-postfix specific question.

I am running into an issue with a big SPF record I had been maintaining. I
went ahead a broke it up using the include: mechanism, but am still trying
to figure out the limit I did hit.

For testing purposes, I send emails from this addr...@spf.255.cuaemail.org
to gmail, yahoo.com, and outlook.com

The SPF record for that domain is made up of 255 ip4 addresses, the last of
which is my true client IP. Please check it out with dig.

gmail and yahoo fail the SPF test. outlook passes.

Using addr...@spf.101.cuaemail.org, gmail also passes. The SPF for this
domain has 101 addresses.

Using addr...@spf.63.cuaemail.org, yahoo also passes.

So am concluding these vendors have these limits for the number of IPs in a
single SPF record... would that be correct conclusion? anyone knows if this
is documented by these vendors?

I opened a case with Google and so far they have been insisting there is no
such limit!

Thank you so much.
Mohamed.

Re: SPF IP addresses limit question

2020-02-23 Thread Mohamed Lrhazi 
On Sun, Feb 23, 2020 at 3:23 PM Benny

>
> https://dmarcian.com/spf-survey/?domain=spf.255.cuaemail.org
>
> see Record flattening


record flattening is the process of replacing include, and other lookup
generating mechanisms, with their resulting ip addresses.
My question is how many IPs can one put in a single spf record?

It appears the RFC does not touch on this, so I guess it’s left to the
implementors to decide, and from my limited tests it seems to vary a lot.

Thanks a lot.
Mohamed.