[pfx] Re: client checks with suspect IPs

On 16/01/2024 20:28, Alex via Postfix-users wrote: Hi, I need help with making a decision involved in determining whether to add an IP to my client_checks to bypass a blocklist entry on the Barracuda blocklist that is impacting one of our users. The problem is that this would also bypass

[pfx] Re: relay_domains override for smtpd

On 16/01/2024 18:12, Marc Dierksen via Postfix-users wrote: Salutations, I am running Postfix 3.5.23 on Debian 11 as an edge mailserver that accepts mails on port 25 for a list of domains defined as relay_domains in the main.cf. I am currently trying to setup a second smtpd process on port

[pfx] Re: recipient_bcc_maps clarification.

On 08/01/2024 05:54, anant--- via Postfix-users wrote: Hello, We have in main.cf always_bcc = zz...@xx.com and our domain is xx.com For specific 2 recipients of our domain, we don't want always_bcc to be implemented.  ie. if a mail is addressed to a...@xx.com  (our domain only), mail should

[pfx] Re: Regarding reject_unlisted_sender and preventing sender address spoofing

On 05/01/2024 19:44, Taco de Wolff via Postfix-users wrote: Hi, I'm trying to understand how the reject_unlisted_sender option works in the smtpd_sender_restrictions option. This is what I understand it to do: For any received mail (it is an smtpd option after all), either for receiving

[pfx] Re: 25 years today

On 14/12/2023 14:20, Wietse Venema via Postfix-users wrote: As a few on this list may recall, it is 25 years ago today that the "IBM secure mailer" had its public beta release. This was accompanied by a nice article in the New York Times business section. Thanks Wietse and to all who have

Re: warning: process /usr/local/libexec/postfix/postscreen pid xxxxx killed by signal 11

On 20/04/2022 22:20, Michael Grimm wrote: Hi, this is postfix 3.8-20220325 (FreeBSD port postfix-current) on FreeBSD 13.1-STABLE. Michael is this problem happening on one of the RC versions of FreeBSD 13.1? On the FreeBSD site at the moment, unless I'm misreading it, I see the latest 13.1

Re: postconf -d smtpd_relay_restrictions

On 06/01/2022 00:47, Jim Popovitch wrote: On Thu, 2022-01-06 at 00:11 +0100, John Fawcett wrote: On 05/01/2022 21:21, Jim Popovitch wrote: On Wed, 2022-01-05 at 20:45 +0100, John Fawcett wrote: On 05/01/2022 20:19, Jim Popovitch wrote: This can't be right Using 'postconf -d

Re: postconf -d smtpd_relay_restrictions

On 05/01/2022 21:21, Jim Popovitch wrote: On Wed, 2022-01-05 at 20:45 +0100, John Fawcett wrote: On 05/01/2022 20:19, Jim Popovitch wrote: This can't be right Using 'postconf -d smtpd_relay_restrictions'... ...on postfix v3.5 (Debian/Buster) smtpd_relay_restrictions

Re: postconf -d smtpd_relay_restrictions

On 05/01/2022 20:19, Jim Popovitch wrote: This can't be right Using 'postconf -d smtpd_relay_restrictions'... ...on postfix v3.5 (Debian/Buster) smtpd_relay_restrictions = ${{$compatibility_level} < {1} ? {} : {permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination}} ...on

Re: Mail system is down

On 03/01/2022 00:37, Wietse Venema wrote: Here is what happens on m system. As root: # chmod g-s /usr/sbin/postdrop # ls -l /usr/sbin/postdrop -rwxr-xr-x 1 root postdrop 44472 Dec 23 18:08 /usr/sbin/postdrop # chmod 777 /var/spool/postfix/public # ls -ld /var/spool/postfix/public

Re: Mail system is down

On 03/01/2022 00:06, Ken Wright wrote: On Sun, 2022-01-02 at 17:30 -0500, Wietse Venema wrote: Ken Wright: On Sun, 2022-01-02 at 16:01 -0500, Wietse Venema wrote: Does it also fail when run as root? In that case, ??? # strace -e connect postqueue -p | showq Otherwise, some temporary hack is

Re: postfix will not send

On 31/12/2021 11:56, John Fawcett wrote: On 31/12/2021 10:36, Doug Denault wrote: This is a postfix/cyrus/mysql system running in a FreeBSD jail. It is (as far as I can make it) identical to a bare metal with the same configuration. Delivery & reading email works fine, the jailed sy

Re: postfix will not send

On 31/12/2021 10:36, Doug Denault wrote: This is a postfix/cyrus/mysql system running in a FreeBSD jail. It is (as far as I can make it) identical to a bare metal with the same configuration. Delivery & reading email works fine, the jailed system will not send email failing with: cyrus

Re: lower case email address for delivery

On 28/11/2020 11:30, Juerg Reimann wrote: > Dear list members, > > Interesting phenomenon on a newly setup system: > > 2020-11-28T11:15:48+01:00 localhost postfix/lmtp[98782]: [ID 197553 > mail.info] DDB5E8456: to=, > relay=my.host.tld[private/dovecot-lmtp], delay=0.04, delays=0.02/0/0.01/0.01,

Re: Can a more useful bounce message be provided - correction

On 15/11/2020 09:52, Nick Tait wrote: > On 14/11/20 7:30 am, Phil Stracchino wrote: >> I think what the OP is asking here is, can Yahoo/Oath be compelled to >> provide a more useful failure message relaying the informative response >> provided by OP's Postfix instance. >> >> And the answer to

Re: Can a more useful bounce message be provided - correction

On 13/11/2020 07:38, li...@lazygranch.com wrote: > My server bounced a message. Here is the server log (sanitized). > - > Nov 13 02:07:52 myserver postfix/smtpd[27706]: NOQUEUE: reject: RCPT > from sonic302-23.consmr.mail.gq1.yahoo.com[98.137.68.149]: 554 5.7.1 >

Re: Can a more useful bounce message be provided

On 13/11/2020 07:38, li...@lazygranch.com wrote: > My server bounced a message. Here is the server log (sanitized). > - > Nov 13 02:07:52 myserver postfix/smtpd[27706]: NOQUEUE: reject: RCPT > from sonic302-23.consmr.mail.gq1.yahoo.com[98.137.68.149]: 554 5.7.1 >

Re: Mail server recently became an open relay

On 19/10/2020 20:50, Rich Wales wrote: > John Fawcett wrote: > >> One thing I would suggest looking at is if there is a web server running >> on the same host it may be allowing email to be injected into postfix >> via smtp on the loopback interface using some script

Re: Mail server recently became an open relay

On 18/10/2020 06:32, Viktor Dukhovni wrote: > On Sat, Oct 17, 2020 at 09:14:50PM -0700, Rich Wales wrote: > >> Thanks. I was actually thinking something of the sort myself -- my >> server is indeed behind a separate firewall appliance. >> >> However, other e-mail (such as your recent reply to my

Re: Occasional transient "Insufficient system storage" errors

On 15/10/2020 09:44, Dara Poon wrote: > (Well, that was embarrassing! I had a Spamassassin milter on outbound mail > that tagged my own message as a false positive. Sending it again for > readability. Sorry!) > > > > I'm seeing very occasional "Insufficient system storage" errors in my >

Re: question about migration user from ldap t mysql

On 12/10/2020 18:07, natan wrote: > Hi > Thanks for replay John - maybe better is change saslauthd to > dovecot-auth ? > > For authenticating against dovecot you can use the saslauthd to authenticate against an imap server - can't say much about that as I've never used it. Or you can have postfix

Re: question about migration user from ldap t mysql

On 12/10/2020 13:02, natan wrote: > Hi > I have all users in openldap. In openldap I have password crypt+base64 > > after decoding base64 : > {CRYPT}$1$AvMW4io/$DDq.. > > In postfix auth via saslauthd: > > cat /etc/saslauthd.conf > > ldap_auth_method: custom > ldap_filter: >

Re: postscreen seqfaults with abusix rbl

On 06/10/2020 00:05, Wietse Venema wrote: > John Fawcett: >> Actually to be more precise: is it guaranteed to return not null and >> with all the function pointers in the returned dict struct also not >> null. I'm adding this because I think it does always return something

Re: postscreen seqfaults with abusix rbl

On 05/10/2020 23:18, John Fawcett wrote: > On 05/10/2020 22:19, Wietse Venema wrote: >> Benny Pedersen: >>> Oct 5 17:01:09 localhost kernel: postscreen[387]: segfault at 0 ip >>> 7f78d9773cea sp 7ffeb1cb0960 error 4 in >>> libpostfix-util.so[7f7

Re: postscreen seqfaults with abusix rbl

On 05/10/2020 22:19, Wietse Venema wrote: > Benny Pedersen: >> Oct 5 17:01:09 localhost kernel: postscreen[387]: segfault at 0 ip >> 7f78d9773cea sp 7ffeb1cb0960 error 4 in >> libpostfix-util.so[7f78d9759000+29000] >> Oct 5 17:09:51 localhost kernel: postscreen[1310]: segfault at 0 ip

Re: AWS timeout

On 14/05/2019 01:27, Wietse Venema wrote: > Wietse Venema: >> If you look at the non-VPN captures, then you will see the following: >> >> - In one trace, we see a client ACK 138, followed by a client packet >> with "." (data 443:446, ACK 138, and a timestamp field >> tht is unlike those of al

Re: AWS timeout

On 14/05/2019 01:27, Wietse Venema wrote: > Wietse Venema: >> If you look at the non-VPN captures, then you will see the following: >> >> - In one trace, we see a client ACK 138, followed by a client packet >> with "." (data 443:446, ACK 138, and a timestamp field >> tht is unlike those of al

Re: TLS client certificates and auth external

On 01/05/2019 22:04, Viktor Dukhovni wrote: > On Wed, May 01, 2019 at 09:57:29PM +0200, John Fawcett wrote: > >>> virtual_alias_maps = { >>> hash:/etc/postfix/virtual, >>> { search = full, full-noext, localpart-if-local, at-domain } &g

Re: TLS client certificates and auth external

On 28/04/2019 21:49, Wietse Venema wrote: > ... > > Once the above is implemented, the same approach could be used to > improve other parts of Postfix by making existing hard-coded behavior > configurable, for example how check_client_access looks up subnet > and partial address information, or

Re: Link for experimental postfix-3.5-20190418

On 28/04/2019 23:38, Viktor Dukhovni wrote: > On Sun, Apr 28, 2019 at 11:17:01PM +0200, John Fawcett wrote: > >> is this the right link for the latest experimental release? I can't seem >> to get it to work. >> >> http://ftp.porcupine.org/mirrors/postfix-release/exp

Link for experimental postfix-3.5-20190418

Hi is this the right link for the latest experimental release? I can't seem to get it to work. http://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-3.5-20190418.tar.gz John

Re: Route unknown user to new domain

On 25/04/2019 18:42, luis.dominguez wrote: > Hello. I'm using postfix + dovecot for my example.com domain, but i > want that any missing local users change the mail to @net.example.com > and go to my relay host. I was configured luser in postfix but when I > send a mail to a unknown user is not

Re: I need some help with the correct value for myhostname in main.cf

On 07/04/2019 20:14, Chris Green wrote: > ... > > The machine on which postfix runs is called esprimo and thus, within > my LAN, its name is esprimo.zbmc.eu. However the above seems to mean > that mail sent outside gets the name esprimo.zbmc.eu in its headers > and that seems to have provoked

Re: GF 3.3, unsupported dictionary type: mysql

On 06/04/2019 01:43, li...@sbt.net.au wrote: > I'm trying to migrate server to new vm, installed postfix* from GF (1) > > but, after copying over main.cf/master.cf get this: > > > Apr 6 00:34:46 emu postfix/proxymap[15601]: error: unsupported dictionary > type: mysql > Apr 6 00:34:46

Re: Postfix and smfi_setmlreply() milter command resulting in SMTP protocol breakage.

On 02/04/2019 10:48, Andreas Thienemann wrote: > Hi, > > I have a locally developed milter using the python-milter bindings > which seems to trigger a Postfix bug. > > The milter in question uses the smfi_setmlreply() command to set a > multiline response as defined in rfc5321. > > Multiline

Re: unknown tls_ssl_options value "tlsext_padding"

On 30/03/2019 21:20, A. Schulze wrote: > Hello, > > postfix-3.4.4 linked with openssl-1.1.1b > > $ postconf tls_ssl_options > tls_ssl_options = no_compression, tlsext_padding > > produce such log: > Mar 30 21:04:12 danube postfix/smtpd[9075]: warning: unknown tls_ssl_options > value

latest 3.5 experimental release

Hi Wietse just in case you're not aware of it: the latest experimental release does not seem to be present at this link ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-3.5-20190301.tar.gz or the equivalent mirror links. John

Re: Unexpected directories in virtual_mailbox_base

On 27/02/2019 17:56, Thomas Seilund wrote: > Hi All, > > I run a mail server with Postfix (version 2.6.6), Dovecot and > Spamassassin. > > The first time I saw an unexpected directory in virtual_mailbox_base > what medio dec. 2018. The mail server has been running for 5+ years. > > There are more

Re: How to act based on the interface on which the mail was received?

On 11/02/2019 08:42, RA wrote: > Hi. > > I have this postfix instance to relay all mail to a relay host but I wish to > make this instance also an archiving MX for a domain. Initially the > configuration was: > > mynetworks = 127.0.0.0/8 > mailbox_size_limit = 0 > inet_interfaces = loopback-only

Re: Mysql and postfix mail que

On 03/02/2019 07:51, JDN wrote: > hello you all > > > Can I set a mysql database for the mails that our in the mail que to get > send? and map that database to two postfix servers that our behind a F5 load > balancer set active passive? > > so if active goes down the second one still could send

Re: Assistance to protect from spam flood

On 12/01/2019 21:58, Nick Howitt wrote: > > > On 12/01/2019 16:42, @lbutlr wrote: >> On 12 Jan 2019, at 07:52, Nick Howitt wrote: >>> Unfortunately I don't have access to the MX Backup service. It is >>> provided by my DNS provider. >> Honestly, you should not have an MX server outside of your

Re: Assistance to protect from spam flood

On 12/01/2019 15:52, Nick Howitt wrote: > > > On 12/01/2019 14:47, John Fawcett wrote: >> restrictions only for inbound email on port 25 they may block some badly >> configured servers, but I don't think its a big issue. YMMV. I'd >> configure the backup server as fa

Re: Assistance to protect from spam flood

On 12/01/2019 15:23, Nick Howitt wrote: > > > On 12/01/2019 11:43, John Fawcett wrote: >> On 12/01/2019 12:09, Nick Howitt wrote: >>> Hi all, >>> Until recently I did not receive too much spam and had it pretty-much >>> under control. This week has gone me

Re: Assistance to protect from spam flood

On 12/01/2019 12:09, Nick Howitt wrote: > Hi all, > Until recently I did not receive too much spam and had it pretty-much > under control. This week has gone mental. So far this week I have > received 29860 connection attempts form {some_random_number}@qq.com to >

Re: Turn off command pipelining for a domain

On 06/01/2019 03:24, Lefteris Tsintjelis wrote: > Is there a possible way to turn off command pipelining completely for > a whole domain based on DNS? The pipelining-firewalling of yahoo.com > seems to be broken quite often. > > Something like: > > yahoo.com    pipelining I think you're looking

Re: SMTP filter using geo-localization

On 05/01/2019 22:26, Philippe - Forums wrote: > Hello, > > I would like to filter SMTP access using geo-localization. > > I have installed geoip-bin on my mailserver. > > This tool works like nslookup with an IP (geoiplookup @IP) and give > geographic informations about this IP and especially the

Re: Limiting global number of outgoing connections

On 03/01/2019 11:23, Lorenzo Milesi wrote: > Hi. > > I need to limit the maximum number of outgoing SMTP connections done by > Postfix for delivering messages. > Our VPS provider is limiting to 5 conns/s, so I need Postfix not to open more > than 5 connections to remote SMTP servers. > > I

Re: Logging suggestion

On 01/01/2019 17:56, Wietse Venema wrote: > John Fawcett: >>>> JFTR, this is what a full implementation would look like. >>>> A full implementation would update a new SMTP_STATE violation_mask >>>> field for specific violation categories (syntax, pipeli

Re: Logging suggestion

On 30/12/2018 20:20, John Fawcett wrote: > On 30/12/2018 18:05, Wietse Venema wrote: >> John Fawcett: >>> On 30/12/2018 01:19, Wietse Venema wrote: >>> Here's a revised patch implementing the above logging. >>> >>> I did not take out the existing pipeli

Re: Logging suggestion

On 30/12/2018 18:05, Wietse Venema wrote: > John Fawcett: >> On 30/12/2018 01:19, Wietse Venema wrote: >> Here's a revised patch implementing the above logging. >> >> I did not take out the existing pipelining logging since it provides >> additiona

Re: Logging suggestion

On 30/12/2018 01:19, Wietse Venema wrote: > John Fawcett: >>> I would not log this for EVERY command. Especially because the >>> logged text size by far exceeds the command size (each logfile >>> record takes ~100 bytes, while the client needs to send only

Re: Logging suggestion

On 29/12/2018 23:20, Wietse Venema wrote: > Sorry, I did not recognize the diff because all whitespace was using > UTF8 code points, and I read mail with a text editor that is optimized > for programing, not for text processing. > > After fixing the whitespace: Thanks for reviewing it further.

Re: Logging suggestion

On 29/12/2018 13:59, Patrick Ben Koetter wrote: > * John Fawcett : >> The first one is to leave an explicit trace in the log when starttls is >> enforced (for example on the submission port) but the client does not >> issue STARTTLS. > Have you tried to set reject_plainte

Small correction to a comment

Hi while looking through the code for the previous post I noticed that the return type for smtpd_sasl_auth_cmd in the comment does not correspond to the one in the code. John --- smtpd/smtpd_sasl_proto.c.orig    2018-12-29 12:00:06.168219924 +0100 +++ smtpd/smtpd_sasl_proto.c    2018-12-29

Logging suggestion

Hi I'd like to make two suggestions for additional logging. The first one is to leave an explicit trace in the log when starttls is enforced (for example on the submission port) but the client does not issue STARTTLS. The second one is to explicitly log that a protocol error has occurred.

Re: hostnames in postscreen_access_list

On 27/11/2018 00:09, Wietse Venema wrote: > John Fawcett: >> Hi >> >> I was recently trying to whitelist a client hostname that frequently >> changes ip. >> >> >From the documentation check_client_access restriction for use with >> smtpd allow

hostnames in postscreen_access_list

On 26/11/2018 23:18, Noel Jones wrote: > On 11/26/2018 1:53 PM, John Fawcett wrote: >> Hi >> >> I was recently trying to whitelist a client hostname that frequently >> changes ip. >> >> From the documentation check_client_access restriction for use with

hostnames in postscreen_access_list

Hi I was recently trying to whitelist a client hostname that frequently changes ip. >From the documentation check_client_access restriction for use with smtpd allows to specify access table lookups which contains hostnames. postscreen_access_list does not seem to allow hostnames in lookup

Re: dnsblog and "Name service error"

On 14/09/18 03:39, Alex wrote: > Hi, > > On Thu, Sep 13, 2018 at 7:56 PM Wietse Venema wrote: >> Alex: >>> Domain Name System (response) >>> Transaction ID: 0xded6 >>> Flags: 0x8182 Standard query response, Server failure >>> 1... = Response: Message is a response

Re: Add UTF8 support in PostgreSQL lookup table interface

ame, strlen(name))) { >> if (msg_verbose) >> msg_info("%s: %s: Skipping lookup of non-UTF-8 key '%s'", >> myname, dict_ldap->parser->name, name); >> return (0); >> } >> >> This code has been [in dic

Re: Add UTF8 support in PostgreSQL lookup table interface

On 24/08/18 22:54, Wietse Venema wrote: > Viktor Dukhovni: >> Yes, but that'd have to be done by the dictionary lookup layer, >> possibly in proxymap, based on a suitable signal from the lookup >> client, but the low-level API (dict_get()) does not presently >> support any per-lookup flags. So

Re: Strange errors in mail.warn log

On 18/03/18 19:12, Mario wrote: > How to avoid getting strange records in the mail.warn file? > I started to receive it after Debian upgrade from jessie to stretch and > postfix upgrade from 2.11.3 to 3.1.8. > It is generated once, just after the system reboot. > > Despite the strange errors

Re: Not receiving mail from some legitimate domains

On 12/03/18 07:12, jlftl wrote: > Wietse Venema wrote >> jlftl: >>> Thank you very much for the responses! >>> >>> This is a small, personal setup with low traffic so I will definitely >>> explore using notify_classes to try to get more feedback on the failures. >>> >>> Remote server legitmacy -

Re: unknown recipient issue

On 09/03/18 11:40, Alfredo De Luca wrote: > Hi all.  > We have Postfix 2.10 as company mailserver.  > I noticed that when I send an email to a not-existing user mailbox in > our domain I don't receive an email back saying unknown mailbox or > similar. > > What do I need to do on main.cf

Re: LMTP and virtual users confusion

On 09/03/18 11:47, Joe Buck wrote: > Hi fair folks. After years of using OS X servers I'm back on FreeBSD and > well... owls have sure aged since then. > > So I'm trying to do a virtual domain+virtual users setup with Dovecot where > I'd have several virtual domains and several users. Each user is

Re: Not receiving mail from some legitimate domains

On 06/03/18 19:12, jlftl wrote: > I have a server running Postfix (3.1.0-3ubuntu0.3) that has been in > production for a few months and is generally working well. However I've > been struggling to resolve an issue where some legitimate servers cannot > send inbound mail, where there appears to be

Re: Question regarding VRFY

On 01/03/18 05:09, J Doe wrote: > Hi John, > >> On Feb 27, 2018, at 3:25 PM, John Fawcett <j...@voipsupport.it> wrote: >> I can't think of a compelling reason either to enable VRFY or to disable >> it. Disabling it stops people abusing it, but then they can just

Re: Question regarding VRFY

On 27/02/18 20:36, J Doe wrote: > Hi, > > I read in both the Postfix man file (man 5 postconf), and the SMTP RFC > (5321), that VRFY can be disabled on a site-by-site basis. > > I disabled this on my server for port 25 but am wondering if I should leave > this enabled on my Postfix instance that

Re: Suggestion: make compilation fail if m4 is not installed

On 25/02/18 01:18, Wietse Venema wrote: > John Fawcett: >> I was wondering if it might be wise to make m4 a mandatory prerequisite, >> without which compilation would fail.? > We could add this at the top of the script: > > m4 > but that would be a point solu

Re: Suggestion: make compilation fail if m4 is not installed

On 25/02/18 08:54, @lbutlr wrote: > On 2018-02-25 (00:37 MST), John Fawcett <j...@voipsupport.it> wrote: >> I normally start out with the minimal set of packages and only add >> software that I need to those. While make was already there, the >> compiler and m

Re: Suggestion: make compilation fail if m4 is not installed

On 25/02/18 09:07, Peter wrote: > On 25/02/18 19:27, Bastian Blank wrote: >> On Sat, Feb 24, 2018 at 07:18:32PM -0500, Wietse Venema wrote: >>> We could add this at the top of the script: >>> m4 > Using "set -e" is much more effective and finds all errors. > Please no. set -e is an attempt to

Re: Suggestion: make compilation fail if m4 is not installed

On 25/02/18 01:18, Wietse Venema wrote: > John Fawcett: >> >> I was wondering if it might be wise to make m4 a mandatory prerequisite, >> without which compilation would fail.? > We could add this at the top of the script: > > m4 > but that would be a

Re: Suggestion: make compilation fail if m4 is not installed

On 25/02/18 03:09, @lbutlr wrote: > On 2018-02-24 (09:44 MST), John Fawcett <j...@voipsupport.it> wrote: >> due to the fact I had forgotten to install m4. > Interesting. m4 is part of my base install. At least I think it is, it's not > in /usr/local/... and i don'

Suggestion: make compilation fail if m4 is not installed

Hi this is a strange error. I just had the chance to reinstall postfix from latest snapshot source on a new centos 7 server. When running postconf -n I was getting various errors relating to unused parameters from mysql map configuration files. This is an example of the message: postconf:

Re: Testing Postfix-3.3....0-RC1

On 18/02/18 14:26, John Fawcett wrote: > On 18/02/18 14:04, Wietse Venema wrote: >> Christian Ro??ner: >>> Hi, >>> >>> sorry for the delay. I gave a party at Friday and I did not find the time >>> to anser faster. >>> >>>>

Re: Testing Postfix-3.3....0-RC1

On 18/02/18 14:04, Wietse Venema wrote: > Christian Ro??ner: >> Hi, >> >> sorry for the delay. I gave a party at Friday and I did not find the time to >> anser faster. >> >>> Am 18.02.2018 um 00:48 schrieb Wietse Venema : >>> >>> postconf -xn | grep /etc/postfix/ldap > I

Re: Postfix with sqlite - Database becomes locked

On 01/10/2018 09:28 PM, Sebastian Wolfgarten wrote: > Hi, > > I am uncertain as to what’s causing the DB to get locked - I am also running > Roundcube (webmail) on the server, maybe that’s the reason. I will check the > permission roundcube uses to access the db, I think it can be read-only

Re: use different mysql databases for header_checks

On 01/05/2018 09:51 AM, Tavolodo Bela wrote: > Hello, > > I'd like to create a mysql lookup table for header_checks. > I think the following should do the trick: > > header_checks = mysql:/etc/posfix/header_checks.cf > > > header_checks.cf might

HISTORY file typo

Hi Just saw this comment in the HISTORY file and noticed that the original and replaced values look just the same. 20170704 Typos (introduced: Postfix 2.10): in comments about IPv4-in-IPv6 addresses, replace :::1.2.3.4 with the correct form :::1.2.3.4. Incorrect

Re: Issue with SASL authentication

On 05/25/2017 06:20 PM, Daniel Bareiro wrote: > Hi! > > On 24/05/17 21:18, Daniel Bareiro wrote: > >> Hi again. >> >> On 24/05/17 17:46, Daniel Bareiro wrote: >> >>> Maybe this question is not 100% about Postfix, but it is related. I am >>> configuring a Postifx server with SASL authentication.

Re: connecting to mysql socket

On 04/07/2017 07:33 PM, Robert Moskowitz wrote: > > > On 04/07/2017 01:19 PM, Wietse Venema wrote: >> Robert Moskowitz: >>> I solved my mysql access problem with dovecot; turned out it was trying >>> a tcp connection and mysql is not listening on tcp. Fixed that to use >>> mysql.sock. >>> >>> So

Re: Make smtp client talk through SSH tunnel?

On 01/04/2017 12:47 PM, Wietse Venema wrote: > Matthias Andree: >> Greetings and a happy new year, >> >> >> I still am in a situation where I occasionally need to have an SMTP >> client (preferable Postfix's) talk through an SSH tunnel. >> >> I know we have the smtp(8) client, and we have the

Re: Rate-limiting access to postfix on the firewall, what are decent numbers (depending on overall traffic)?

On 01/03/2017 01:37 PM, Gerben Wierda wrote: > My postfix MTA has been under a lot of DOS-like attention. Such as a botnet > sending many EHLO-requests, then password attempts: > ... > It does the first part from a multitude of machines. > > I want to stop this by setting a rate limiting rule in

Re: smtpd_sender_restriction

On 12/29/2016 11:13 AM, Martin Skjöldebrand wrote: > Den 2016-12-29 kl. 10:45, skrev Dominic Raferd: > >> Two possibilities occur to me - (a) the email is not 'really' from >> i...@rabattgatan.com, maybe this is the envelope sender or just the >> display name? or (b) if your mailserver is relaying

Re: Postfix delivery problem

On 12/27/2016 08:59 AM, John Fawcett wrote: > On 12/27/2016 12:17 AM, G. Schlisio wrote: >>> I managed to find where this is happening. It is not in glibc but in >>> systemd. >>> >>> If your /etc/nsswitch.conf has something like this: >&g

Re: Avoiding spam blacklists

On 12/28/2016 09:36 AM, Alice Wonder wrote: > On 12/28/2016 12:28 AM, John Fawcett wrote: >> On 12/28/2016 08:32 AM, Alice Wonder wrote: >>> Virtual machine for a web application, it is still in testing. >>> >>> reverse DNS is properly set up. >>> Post

Re: Avoiding spam blacklists

On 12/28/2016 08:32 AM, Alice Wonder wrote: > Virtual machine for a web application, it is still in testing. > > reverse DNS is properly set up. > Postfix only listens on the local host. > Linux firewall drops anything not to port 80, 443, or a custom high > number port I use for SSH. > > This

Re: MySQL stored-procedure support for Postfix 3.2

On 12/26/2016 10:35 PM, Wietse Venema wrote: > John Fawcett: >> so long as the loop continues in the presence of a zero return >> code from mysql_next_result() and mysql_store_result is called for >> each one we will stay in sync. With the break above we will be ok, >>

Re: Postfix delivery problem

On 12/27/2016 12:17 AM, G. Schlisio wrote: >> I managed to find where this is happening. It is not in glibc but in >> systemd. >> >> If your /etc/nsswitch.conf has something like this: >> >> passwd: compat mymachines systemd >> >> then the routines that are being used are systemd ones. >> >>

Re: MySQL stored-procedure support for Postfix 3.2

On 12/26/2016 01:45 AM, Wietse Venema wrote: > I see room for two improvements: > - Don't loop on mysql_next_result() if that function returns an > error, to avoid going into an infinite loop. A break is needed in the case of >0 return code from mysql_next_result. while

Re: MySQL stored-procedure support for Postfix 3.2

On 12/25/2016 08:45 PM, Wietse Venema wrote: > John Fawcett: >>> I'll diff your new patch against the previous version and see what >>> changes you made. >> if you break out of the loop without reading all the result data you >> will get the following mysql error

Re: Postfix delivery problem

On 12/25/2016 06:30 PM, G. Schlisio wrote: >> I tried that on archlinux. The above program still produces EINVAL for >> login names between 32 and 255 inclusive. >> >> _SC_LOGIN_NAME_MAX is 256 on that platform. >> >> John >> > hi, > > earlier i tried with literal "AA", which was probably not

Re: MySQL stored-procedure support for Postfix 3.2

On 12/25/2016 04:46 PM, Wietse Venema wrote: > John Fawcett: > [ Charset windows-1252 converted... ] >> On 12/25/2016 09:30 AM, John Fawcett wrote: >>> On 12/25/2016 01:17 AM, Wietse Venema wrote: >>>> John Fawcett: >>>>> Revised patch to impro

Re: Postfix delivery problem

On 12/25/2016 11:10 AM, G. Schlisio wrote: >> Georg >> >> I don't think there is enough evidence at the moment to say with >> certainty that any change in glibc has introduced the problem, since you >> were using that for a while now without seeing issues. >> >> I'd still be interested in knowing

Re: MySQL stored-procedure support for Postfix 3.2

On 12/25/2016 09:30 AM, John Fawcett wrote: > On 12/25/2016 01:17 AM, Wietse Venema wrote: >> John Fawcett: >>> Revised patch to improve error reporting when no result set containing >>> data is returned >> This code is now part of postfix-3.2-20161224-nonprod, sli

Re: AW: Possible Bug ? postfix 3.1.0-3 fails on mysql table lookup

On 12/18/2016 09:38 PM, John Fawcett wrote: > On 12/18/2016 02:09 AM, Wietse Venema wrote: >> What if Postfix made an old-style query? I think it should just >> report the old-style error here. >> >> Wietse > I agree. It might be as simple as changing &g

Re: MySQL stored-procedure support for Postfix 3.2

On 12/25/2016 01:17 AM, Wietse Venema wrote: > John Fawcett: >> Revised patch to improve error reporting when no result set containing >> data is returned > This code is now part of postfix-3.2-20161224-nonprod, slightly > edited to simplify error handling. I would

Re: Postfix delivery problem

On 12/24/2016 02:43 PM, G. Schlisio wrote: > > Am 24.12.2016 um 08:40 schrieb John Fawcett: >> On 12/24/2016 01:19 AM, Wietse Venema wrote: >>> John Fawcett: >>>>>> "On success, *getpwnam_r*() and *getpwuid_r*() return zero, and set >>>&

Re: Postfix delivery problem

On 12/24/2016 01:19 AM, Wietse Venema wrote: > John Fawcett: >>>> "On success, *getpwnam_r*() and *getpwuid_r*() return zero, and set >>>> /*result/ to /pwd/. If no matching password record was found, these >>>> functions return 0 and store NULL in /*res

Re: Postfix delivery problem

On 12/23/2016 06:22 PM, G. Schlisio wrote: >> Georg >> >> Replying to my own post: on re-reading the specification, it looks clear >> >> "On success, *getpwnam_r*() and *getpwuid_r*() return zero, and set >> /*result/ to /pwd/. If no matching password record was found, these >> functions return 0

  1   2   >