problems with virtual_alias_maps

Hi, I'm confused about how works the map tables in Postfix, I'm using the 2.4.1 version. I have setup the virtual_mailbox_domains to return the domain names, for that we are the final destination and I have also setup the virtual_alias_maps for trivial rewrite of some addresses. My problem:

Re: problems with virtual_alias_maps

Yes, that's what I returning now: not found - the domain was not found in the virtual_mailbox_domains table Tomas On Thu, 22 Oct 2009, Noel Jones wrote: On 10/22/2009 2:35 AM, Tomas Macek wrote: Hi, I'm confused about how works the map tables in Postfix, I'm using the 2.4.1 version. I

Re: bad recipient address passed to the content filter

On Mon, 12 Dec 2011, Noel Jones wrote: On 12/12/2011 7:08 AM, Tomas Macek wrote: I'm using Postfix 2.8.5 built from source and amavisd-new 2.6.4 from Scientific Linux distribution. I have virtual domain 'virtdom.cz' and some subdomain 'subdomain.virtdom.cz'. The server receives the message

Re: bad recipient address passed to the content filter

On Tue, 13 Dec 2011, Tomas Macek wrote: On Mon, 12 Dec 2011, Noel Jones wrote: On 12/12/2011 7:08 AM, Tomas Macek wrote: I'm using Postfix 2.8.5 built from source and amavisd-new 2.6.4 from Scientific Linux distribution. I have virtual domain 'virtdom.cz' and some subdomain

logging whitelisted IPs

I'd like to have an whitelist based on hash:file table, for example this http://www.howtoforge.com/how-to-whitelist-hosts-ip-addresses-in-postfix - it's simple. When I have a line 1.2.3.4 REJECT You were blacklisted it's logged including reason of rejecting (of course). But when I

using postscreen on port 25

I'd like to use postcreen as some kind of spam protection. According to documentation * postscreen(8) should not be used on SMTP ports that receive mail from end-user clients (MUAs). In a typical deployment, postscreen(8) is used on the port 25 service, while MUA clients submit mail via the

Re: Upgrade ...

On Thu, 29 Dec 2011, Barbara M. wrote: I read the already suggested: http://stevejenkins.com/blog/2011/01/building-postfix-2-8-on-rhel5-centos-5- from-source/ My current situation is: - Old server CentOS 4.x based (Postfix 2.2) I want to migrate to a new CentOS 6.x (Postfix 2.6) My plan is

reply-to header in this list

Hi list, is there any reason why the Reply-to: header is not set to postfix-users in this list? When I press Reply button, I'm replying to From: address, when pressing 'Reply to all', I'm replying to both the list and the sender personaly. But why should I reply to the sender personaly? Could

Re: reply-to header in this list

On Wed, 4 Jan 2012, Jerry wrote: On Wed, 4 Jan 2012 13:01:07 +0100 Erwan David articulated: On Wed, Jan 04, 2012 at 12:37:53PM CET, Tomas Macek ma...@fortech.cz said: Hi list, is there any reason why the Reply-to: header is not set to postfix-users in this list? When I press Reply button

Re: message_size_limit causes postfix to stop delivering messages

On Sun, 5 Feb 2012, Wietse Venema wrote: Nick Bright: On 2/4/2012 12:20 PM, Ralf Hildebrandt wrote: * Nick Brightnick.bri...@valnet.net: Upon restarting postfix with message_size_limit in place it simply wouldn't deliver any mail. It accepts the mail in to SMTP just fine, but it never gets

Re: performance problems

On Fri, 30 Mar 2012, Jeremie CEINTREY wrote: mails are in active queue. Amavis Processes : $max_servers =3D 8; # 2 processes by core Actually, the server is ok, not stressed at all, the relay mail is slow. What from amavis do you have in your master.cf file? The master.cf option -o

Re: performance problems

On Fri, 30 Mar 2012, Ralf Hildebrandt wrote: * Tomas Macek ma...@fortech.cz: On Fri, 30 Mar 2012, Jeremie CEINTREY wrote: mails are in active queue. Amavis Processes : $max_servers =3D 8; # 2 processes by core Actually, the server is ok, not stressed at all, the relay mail is slow. What

Re: Filter incoming mail by sender - forward, otherwise autoreply

Now I think that policy and or after queue filtering are good solutions, but both seem rather complex for a relatively easy problem. If you will create something what policyd does (www.policyd.org) using http://www.postfix.org/SMTPD_POLICY_README.html, you are able to do something with the

Re: 4xx too many errors question

On Wed, 17 Oct 2012, Wietse Venema wrote: Tomas Macek: So my question is how can I get this error message on my own computer, when I did not sent any email to the server in last hour? According to this experience, this seems to be per server settings. Or am I missing something? The error

Re: 4xx too many errors question

On Wed, 17 Oct 2012, Wietse Venema wrote: Tomas Macek: The part of the log is here: Oct 11 12:26:44 mail postfix/smtpd[4546]: my.pc.host.name[x.x.x.x]: RSET Oct 11 12:26:44 mail postfix/smtpd[4546]: my.pc.host.name[x.x.x.]: 250 2.0.0 Ok Oct 11 12:26:44 mail postfix/smtpd[4546

avoiding overload on port 587

I don't understand now, how Postfix behaves when listenting on submission port 587. Our mailserver is sometimes overloaded on port 25, so we want to use postscreen. But I don't understand, how Postfix works when it's stressed on port 587, when spammers connect to that opened port and want send

Re: avoiding overload on port 587

On Fri, 30 Nov 2012, lst_ho...@kwsoft.de wrote: Zitat von Tomas Macek ma...@fortech.cz: I don't understand now, how Postfix behaves when listenting on submission port 587. Our mailserver is sometimes overloaded on port 25, so we want to use postscreen. But I don't understand, how Postfix

Re: avoiding overload on port 587

On Fri, 30 Nov 2012, Robert Schetterer wrote: Am 30.11.2012 11:12, schrieb Tomas Macek: On Fri, 30 Nov 2012, lst_ho...@kwsoft.de wrote: Zitat von Tomas Macek ma...@fortech.cz: I don't understand now, how Postfix behaves when listenting on submission port 587. Our mailserver is sometimes

Re: avoiding overload on port 587

On Fri, 30 Nov 2012, lst_ho...@kwsoft.de wrote: Zitat von Tomas Macek ma...@fortech.cz: On Fri, 30 Nov 2012, lst_ho...@kwsoft.de wrote: Zitat von Tomas Macek ma...@fortech.cz: I don't understand now, how Postfix behaves when listenting on submission port 587. Our mailserver is sometimes

Re: avoiding overload on port 587

On Fri, 30 Nov 2012, Ralf Hildebrandt wrote: * Robert Schetterer r...@sys4.de: Am 30.11.2012 11:44, schrieb Tomas Macek: I cannot apply firewall rules on 587, because our clients travel with their notebooks and still want to send their emails through our mailserver. use fail2ban etc

Re: avoiding overload on port 587

On Fri, 30 Nov 2012, Robert Schetterer wrote: Am 30.11.2012 12:07, schrieb Tomas Macek: Fail2ban looks good, I will try it. But I'm worrying about to many filter rules in fail2ban chain, that could lead into slowing down the whole machine. The force attacks are often really brute and the IP's

Re: avoiding overload on port 587

On Fri, 30 Nov 2012, lst_ho...@kwsoft.de wrote: Zitat von Tomas Macek ma...@fortech.cz: On Fri, 30 Nov 2012, lst_ho...@kwsoft.de wrote: Zitat von Tomas Macek ma...@fortech.cz: On Fri, 30 Nov 2012, lst_ho...@kwsoft.de wrote: Zitat von Tomas Macek ma...@fortech.cz: I don't

Re: avoiding overload on port 587

On Fri, 30 Nov 2012, Robert Schetterer wrote: Am 30.11.2012 12:50, schrieb Tomas Macek: This is really interesting solution (!), hope I will be able also to connect to the syslog's pipe and read the mesages. But I don't know how right now, I still was not studiing this, but I believe

Re: avoiding overload on port 587

On Fri, 30 Nov 2012, Wietse Venema wrote: Tomas Macek: There is still one thing, that I don't understand: when exactly the postfix says that he is not stressed and restarts the processes with stress=no? This is not done when less then default_process_limit smtpd processes are run, because I

Re: avoiding overload on port 587

On Fri, 30 Nov 2012, lst_ho...@kwsoft.de wrote: Zitat von Tomas Macek ma...@fortech.cz: On Fri, 30 Nov 2012, lst_ho...@kwsoft.de wrote: Zitat von Tomas Macek ma...@fortech.cz: On Fri, 30 Nov 2012, lst_ho...@kwsoft.de wrote: Zitat von Tomas Macek ma...@fortech.cz: I don't

spaces when using -o in master.cf

I have line like this smtpd_client_restrictions = check_policy_service inet:127.0.0.1:24575, ... in my main.cf I would like the $smtpd_client_restrictions to override in master.cf, something like: submission inet n - n - - smtpd -o

Re: spaces when using -o in master.cf

On Mon, 3 Dec 2012, Reindl Harald wrote: Am 03.12.2012 14:42, schrieb Tomas Macek: I have line like this smtpd_client_restrictions = check_policy_service inet:127.0.0.1:24575, ... in my main.cf I would like the $smtpd_client_restrictions to override in master.cf, something like

Re: avoiding overload on port 587

2) why would you setup a submission service that doesn't require auth from MUAs? It's because they never had to. It is a historical problem. Now we have thousands of customers, that never had to authenticate, so there is no power to force them to do it now. These days I'm spending the

Re: avoiding overload on port 587

On Tue, 4 Dec 2012, Reindl Harald wrote: Am 04.12.2012 07:58, schrieb Tomas Macek: 2) why would you setup a submission service that doesn't require auth from MUAs? It's because they never had to. It is a historical problem. Now we have thousands of customers, that never had

Re: avoiding overload on port 587

On Tue, 4 Dec 2012, Robert Schetterer wrote: Am 04.12.2012 08:20, schrieb Tomas Macek: On Tue, 4 Dec 2012, Reindl Harald wrote: Am 04.12.2012 07:58, schrieb Tomas Macek: 2) why would you setup a submission service that doesn't require auth from MUAs? It's because they never had

prevent server from receiving mail for root@localhost

Hello, I'm trying to prevent my testing postfix installation 2.8.4 from being abused by emails that will go to the root@localhost email address. I found out that it receives these messages accindetally, when I tested my configuration. The root@localhost must be accessible, when the mail comes

Re: prevent server from receiving mail for root@localhost

Tomas Macek: Hello, I'm trying to prevent my testing postfix installation 2.8.4 from being abused by emails that will go to the root@localhost email address. I found out that it receives these messages accindetally, when I tested my configuration. The root@localhost must be accessible, when

Re: prevent server from receiving mail for root@localhost

On Tue, 23 Dec 2014, li...@rhsoft.net wrote: Am 23.12.2014 um 15:03 schrieb Tomas Macek: Tomas Macek: Hello, I'm trying to prevent my testing postfix installation 2.8.4 from being abused by emails that will go to the root@localhost email address. I found out

Re: please for submission port cfg review

On Fri, 4 Sep 2015, Viktor Dukhovni wrote: On Fri, Sep 04, 2015 at 09:44:50AM +0200, Tomas Macek wrote: Here is the result cfg: submission inet n - n - - smtpd -o smtpd_etrn_restrictions=reject -o smtpd_sasl_auth_enable=yes -o

Re: please for submission port cfg review

On Fri, 4 Sep 2015, Tomas Macek wrote: On Fri, 4 Sep 2015, Viktor Dukhovni wrote: On Fri, Sep 04, 2015 at 09:44:50AM +0200, Tomas Macek wrote: > Here is the result cfg: > > submission inet n - n - - smtpd > -o smtpd_etrn_restric

Re: please for submission port cfg review

On Thu, Sep 03, 2015 at 03:05:07PM +0200, Tomas Macek wrote: submission inet n - n - - smtpd -o smtpd_etrn_restrictions=reject -o smtpd_sasl_auth_enable=yes -o content_filter=smtp-amavis:[127.0.0.1]:10024 -o syslog_name=submission

please for submission port cfg review

Hi, I'm using Postfix 2.8.x and trying to configure properly the submission port 587 in our very new Postfix installation. I tried to read the doc and the result is below. The submission port should be used by clients from both inside and outside of $mynetworks, so it will be exposed to the

Re: Restricting the scope of "success" notifications

On Mon, 31 Jul 2017, Matus UHLAR - fantomas wrote: On 31.07.17 09:16, Tomas Macek wrote: Hello, our system is sometimes under attack of spammers using "NOTIFY=SUCCESS" param in "rcpt to: " header. And because of a random From address, the DSN message obviously goes to a

NOTIFY=SUCCESS in Milter

Hello, I'm trying to get to know, if there is a chance to see in Milter, that the "NOTIFY=xxx,yyy,zzz" was specified by a client at rcpt to command like this: RCPT TO: NOTIFY=SUCCESS,FAILURE,DELAY If there is a chance, where I should find it? Is it supposed to be to

Restricting the scope of "success" notifications

Hello, our system is sometimes under attack of spammers using "NOTIFY=SUCCESS" param in "rcpt to: " header. And because of a random From address, the DSN message obviously goes to an nonexistent server or user. I've read the "Restricting the scope of "success" notifications" topic at

Re: NOTIFY=SUCCESS in Milter

On Mon, 7 Aug 2017, Matus UHLAR - fantomas wrote: On Thu, 3 Aug 2017, Matus UHLAR - fantomas wrote: > just for curiosity: under what circumstances are you going to drop NOTIFY > parameters? > because, postfix can do this per sending IP On 07.08.17 11:27, Tomas Macek wrote: Yes, I h

Re: NOTIFY=SUCCESS in Milter

On Thu, 3 Aug 2017, A. Schulze wrote: Am 03.08.2017 um 07:32 schrieb Tomas Macek: I'm trying to get to know, if there is a chance to see in Milter that the "NOTIFY=xxx,yyy,zzz" was specified by a client at rcpt to command Hello Tomas, from the milter API Doku: xxfi_env

Re: NOTIFY=SUCCESS in Milter

On Thu, 3 Aug 2017, Matus UHLAR - fantomas wrote: > Am 03.08.2017 um 07:32 schrieb Tomas Macek: > > I'm trying to get to know, if there is a chance to see in Milter that > > the "NOTIFY=xxx,yyy,zzz" was specified by a client at rcpt to command On Thu, 3 Aug 2017,

virtual domain alias & check_recipient_access

Hello, I need to redirect all the email coming to one domain to another like this: @alias-domain.com -> @real-domain.com which means when a mail is coming to my.n...@alias-domain.com, it's first translated to my.n...@real-domain.com and later delivered to the mailbox. I have found this in

Re: virtual domain alias & check_recipient_access

On Fri, 21 Dec 2018, Wietse Venema wrote: Tomas Macek: smtpd_recipient_restrictions = ... reject_unauth_destination check_recipient_access inline:{example.com