Re: Postfix install error

2009-02-03 Thread Victor Duchovni
On Tue, Feb 03, 2009 at 11:27:44AM -0800, Nandini Mocherla wrote: Hi I was installing Postfix postfix-2.5.5 on Solaris. At the time of compiling the Source with make I have defined the parameters (for changing the default values of the following from /etc/ to /opt etc.)

Re: Postfix install error

2009-02-03 Thread Victor Duchovni
On Tue, Feb 03, 2009 at 12:23:48PM -0800, Nandini Mocherla wrote: I have compiled it with the desired locations for all the parameters mentioned in my email. Then with make install it prompted me for the locations again and i have answered them changing the default ones. Then it

Re: SMTP sessions

2009-02-03 Thread Victor Duchovni
On Tue, Feb 03, 2009 at 09:10:50PM +0100, Rocco Scappatura wrote: I fear that the problem is that for each session I can have an unsettled number of messages sent over that session (It could be happen? If yes, It could be depend on MTA settings?) other then an unsettled size of SMTP

Re: Postfix install error

2009-02-03 Thread Victor Duchovni
On Tue, Feb 03, 2009 at 01:49:40PM -0800, Nandini Mocherla wrote: Yes, of course, because your overrides are stored in main.cf, and main.cf is in the compiled-in location. The correct main.cf location MUST be compiled-in. DO NOT override it when installing the primary Postfix instance on a

Re: SMTP sessions

2009-02-03 Thread Victor Duchovni
On Tue, Feb 03, 2009 at 11:59:37PM +0100, Rocco Scappatura wrote: Returning to my question, I'm trying to understand: 1) Once a client (or another MTA) establish a TCP connection with listening port bounded by the SMTP daemon of Postfix, could happen that more then one email messages are

Re: Postfix install error

2009-02-03 Thread Victor Duchovni
On Tue, Feb 03, 2009 at 01:52:45PM -0800, Nandini Mocherla wrote: My makedefs.out does not say any thing about configurations i specified with make files other than PCRE and here is the output EXPORT = AUXLIBS=' -L/usr/lib -R/usr/lib -lpcre' CCARGS=' -Dstrcasecmp=fix_strcasecmp

Re: Mail sits in queue

2009-02-03 Thread Victor Duchovni
On Tue, Feb 03, 2009 at 01:34:10PM -0500, Brian Evans - Postfix List wrote: The php mail() command (on *nix) defaults to come in through the pickup daemon (using the sendmail(1) command). It can also be sent in via the smtpd daemon. Intentionally send a message through your app and

Re: SMTP sessions

2009-02-03 Thread Victor Duchovni
On Wed, Feb 04, 2009 at 02:21:31AM +0100, Rocco Scappatura wrote: There is no evidence that sender-side connection re-use has any material impact on your queues. If you do want to enforce such limits, they should be applied selectively to just IP sources with poor reputations. Indeed, it

Re: Postfix install error

2009-02-03 Thread Victor Duchovni
On Tue, Feb 03, 2009 at 04:58:42PM -0800, Nandini Mocherla wrote: Thank You! I changed the way, i was using quotes and it did compile and install successfully. But i saw these errors in my error file. Is it ok to ignore them. To reduce spurious noise: try gcc, or figure out which

Re: Mail sits in queue

2009-02-04 Thread Victor Duchovni
On Wed, Feb 04, 2009 at 08:58:17AM -0500, Doug Jaquays wrote: - The pickup fifo has been deleted from /var/spool/postfix/public Make sure $queue_directory contains a private/pickup fifo. This is a /var/spool/postfix/public/pickup fifo, there is not a

Re: TimeOut issues

2009-02-04 Thread Victor Duchovni
On Wed, Feb 04, 2009 at 08:52:45AM -0600, Matthew Hebert wrote: smtpd_recipient_restrictions = reject_non_fqdn_recipient reject_non_fqdn_sender reject_unknown_sender_domain reject_unknown_recipient_domain reject_unverified_recipient

Re: postfix queue grep

2009-02-04 Thread Victor Duchovni
On Wed, Feb 04, 2009 at 10:25:21AM +0200, Marc Silver wrote: The tool is available at http://draenor.org/public/python/pqgrep.py Should you find any bugs/problems, please mail me. The regexp parser is IMHO too fuzzy for production use outside your own environment. It will generated false

active - incoming migration (was: Re: postfix queue grep)

2009-02-04 Thread Victor Duchovni
On Wed, Feb 04, 2009 at 12:24:23PM -0500, Wietse Venema wrote: Victor Duchovni: [ Wietse is it safe to move queue files active - hold - incoming in a short time? Could some recipients be delivered twice by two delivery agents in parallel (both deliveries starting after the second

Re: TimeOut issues

2009-02-04 Thread Victor Duchovni
On Wed, Feb 04, 2009 at 03:05:41PM -0600, Matthew Hebert wrote: Thanks for your assistance. We have implemented the changes you requested. We still have have time out issues. We try the following: When I try to telnet server 25 Trying XXX.XXX.XXX... telnet: Unable to connect to

Re: gmail relay and certificates on Fedora 10

2009-02-04 Thread Victor Duchovni
On Wed, Feb 04, 2009 at 06:58:52PM -0500, sean darcy wrote: I followed the instructions on http://www.wormly.com/blog/2008/11/05/relay-gmail-google-smtp-postfix/ to create your own certificate to use with google. You DO NOT need your own TLS-client certificate to submit mail to Google, and

Re: Guidance on owner- prefix added to From and Return-Path

2009-02-05 Thread Victor Duchovni
On Thu, Feb 05, 2009 at 06:42:33AM -0800, Damon Miller wrote: In case anyone else hits this problem, my issue was as follows: 1. 'owner_request_special' was enabled (by default) 2. My MySQL-based 'alias_maps' succeeded for all addresses, including those with an 'owner-' prefix. This

Re: Mail sits in queue

2009-02-05 Thread Victor Duchovni
On Thu, Feb 05, 2009 at 10:02:47AM -0500, Doug Jaquays wrote: Does: # postkick public pickup W move mail out of the queue in a more timely fashion? It does not seem to be anymore effective than mailq -q. Is there any more verbose logging that I can enable for this situation?

Re: Corrupted To: header

2009-02-05 Thread Victor Duchovni
On Thu, Feb 05, 2009 at 07:54:39PM -0200, Clodoaldo Pinto Neto wrote: The To: header I'm sending appears like this in the log: Feb 5 21:27:03 centos5151155 postfix/cleanup[4595]: B1AD3FF9A7: warning: header To: =?utf-8?q?D=C3=A9ste_Sobrenome_Grande_P=C3=B4cas_da_Silva_=3Cclodoaldo=5F?=?

Re: TLS certificate

2009-02-06 Thread Victor Duchovni
On Fri, Feb 06, 2009 at 11:28:17AM +0100, Patrick Ben Koetter wrote: Here's your error: unable to verify the first certificate. Did you add your CA certificate to your CA certificate store ca-bundles.crt (in your case)? In what sense is that an error? He's got a private-label CA cert, why

Re: Mail sits in queue

2009-02-06 Thread Victor Duchovni
On Fri, Feb 06, 2009 at 11:00:31AM -0500, Doug Jaquays wrote: Just to not leave this open-ended. I decided to just switch to Pear::Mail and use that to send directly to our production mail server. I appreciate all of the help provided, but for the small scope of what Postfix was doing and

Re: How to set client_encoding in Postfix - PostgreSQL lookups

2009-02-06 Thread Victor Duchovni
On Fri, Feb 06, 2009 at 11:49:07AM +0100, Michael Monnerie wrote: On Donnerstag 05 Februar 2009 Victor Duchovni wrote: Configure your Postgres database to use a LATIN-1 encoding. WIth this you get a single-byte per character encoding and all byte patterns are valid strings. The problem

Re: Problems with Postfix / Round-Robin

2009-02-06 Thread Victor Duchovni
On Fri, Feb 06, 2009 at 02:49:42PM -0200, Pablo Scheri wrote: mx.trendargentina.com.ar. 0INA10.0.0.207 mx.trendargentina.com.ar. 0INA10.0.0.208 postconf | grep dns disable_dns_lookups = no lmtp_host_lookup = dns

Re: Fwd: Re: TLS certificate

2009-02-06 Thread Victor Duchovni
On Fri, Feb 06, 2009 at 07:13:17PM +0200, Tolga wrote: Who can't use the certificate? I, when I try with Thunderbird from another location. Well, it is Thunderbird that needs to extend its list of trusted CAs not Postfix. No amount of tweaking the Postfix server will make Thunderbird trust

Re: Problems with Postfix / Round-Robin

2009-02-06 Thread Victor Duchovni
On Fri, Feb 06, 2009 at 09:11:43AM -0800, Roderick A. Anderson wrote: mx.trendargentina.com.ar. 0INA10.0.0.208 mx.trendargentina.com.ar. 0INA10.0.0.207 What this says to me is every time Postfix requests the MX for trendargentina.com.ar the name server software will

Re: Enabling stress detection by default

2009-02-06 Thread Victor Duchovni
On Fri, Feb 06, 2009 at 01:37:41PM -0500, Wietse Venema wrote: smtpd_timeout = ${stress?10s}${stress:300s} smtpd_hard_error_limit = ${stress?2}${stress:20} I guess disabling reverse DNS lookups under stress is too drastic. It would certainly not help folks with reject_unknown_client, even if

Re: Trying to write a log parser, need some clarifications about log enteries.

2009-02-06 Thread Victor Duchovni
On Fri, Feb 06, 2009 at 01:30:01PM -0800, Chris St Denis wrote: Anyway, on to the problems. How do I deal with log entries like this. A queue ID is created, but nothing ever happens to it. There is no reject There was one valid recipient, but the mail transaction was not completed.

Re: mailbox integration questions

2009-02-06 Thread Victor Duchovni
On Fri, Feb 06, 2009 at 10:44:12PM -0500, Glen B wrote: I'm not asking for an LDA to deploy. Are you suggesting that I review Dovecot's LDA as an example of how to use a pipe transport? I'm writing a LDA which will be DB native and want some experience based input on which method of

Re: Trying to write a log parser, need some clarifications about log enteries.

2009-02-06 Thread Victor Duchovni
On Fri, Feb 06, 2009 at 05:41:33PM -0800, Chris St Denis wrote: Noel Jones wrote: Victor Duchovni wrote: On Fri, Feb 06, 2009 at 01:30:01PM -0800, Chris St Denis wrote: Anyway, on to the problems. How do I deal with log entries like this. A queue ID is created, but nothing ever happens

Re: postfix blocking yahoo and gmail

2009-02-07 Thread Victor Duchovni
On Sun, Feb 08, 2009 at 01:01:49PM +0800, jan gestre wrote: New logs with reject_rbl_client sbl-xbl.spamhaus.org added to main.cf eb 8 12:49:52 kartero postfix/smtpd[6465]: NOQUEUE: reject: RCPT from web57902.mail.re3.yahoo.com[68.142.236.95]: 554 5.7.1 Service unavailable; Client host

Re: postfix blocking yahoo and gmail

2009-02-07 Thread Victor Duchovni
On Sun, Feb 08, 2009 at 01:23:43PM +0800, jan gestre wrote: Don't use ISP DNS servers that fabricate A records. I'm not using our ISP's DNS , I'm using OpenDNS, I'm using OpenDNS since way back it's only now that I'm getting this strange behavior in my SMTP server. You should not use

Re: postfix blocking yahoo and gmail

2009-02-07 Thread Victor Duchovni
On Sun, Feb 08, 2009 at 02:55:28PM +0800, jan gestre wrote: Where is the best place to put the DNS caching resolver? in the NAT device? or in the Mail Server itself? What kind of NAT device is this? Is it capable of running a non-forwarding DNS cache? If the cache in question has sufficiently

Re: Replacing Message-Id for SASL authenticated senders

2009-02-08 Thread Victor Duchovni
On Sun, Feb 08, 2009 at 06:22:17PM +0100, mouss wrote: I mean replacing or deleting already set Message-Id headers. And it will break MUA driven thread handling - very few people put their Sent mail in the same folders as received mail - even then, MUAs have heuristics to cope with such

Re: postfix blocking yahoo and gmail

2009-02-08 Thread Victor Duchovni
On Sun, Feb 08, 2009 at 03:37:20PM +0800, jan gestre wrote: On Sun, Feb 8, 2009 at 3:05 PM, Victor Duchovni victor.ducho...@morganstanley.com wrote: On Sun, Feb 08, 2009 at 02:55:28PM +0800, jan gestre wrote: Where is the best place to put the DNS caching resolver? in the NAT device

Re: Replacing Message-Id for SASL authenticated senders

2009-02-08 Thread Victor Duchovni
On Sun, Feb 08, 2009 at 09:08:32PM +0100, mouss wrote: No, I was referring to the Sent folder, populated by the MUA, either in a local disk or using IMAP. I know some people clever-enough to set Sent == Inbox, yes this is not very common. I personally have rules that tag outgoing mail into

Re: result_attribute on ldap query

2009-02-08 Thread Victor Duchovni
On Sun, Feb 08, 2009 at 06:38:31PM -0500, Manuel Mely wrote: Hi, I'm configuring postfix to use LDAP as backend db. I have to deal with something that i don't know how to do. For example, i have this conf file: server_host = localhost server_port = 389 bind = yes bind_dn =

Re: Redirect all mail from one domain to the same u...@otherdomain?

2009-02-08 Thread Victor Duchovni
On Sun, Feb 08, 2009 at 09:50:16PM -0800, Jeff Weinberger wrote: I am trying to figure out the best way to map one domain to another with the same users...precisely the behavior I am trying to achieve is: when mail is sent (from outside, or from another user within my postfix

Re: Delaying some email addresses

2009-02-09 Thread Victor Duchovni
On Mon, Feb 09, 2009 at 02:44:09PM +, Jo?o Miguel Neves wrote: Good morning, I'm using spamassassin thru amavisd. I also have a bunch of spamtraps (addresses that were never used by persons, but that receive spam regularly) feeding automatically its bayes filter. Sometimes I get some

Re: Delaying some email addresses

2009-02-09 Thread Victor Duchovni
On Mon, Feb 09, 2009 at 12:00:12PM -0500, Terry Carmen wrote: Don't delay, if your spamtrap addresses are well chosen, have never existed as valid email addresses, and are unlikely to be mistyped accidentally by a human sender, you can just REDIRECT all mail for a spamtrap address to that

Re: Building postfix for packaging

2009-02-09 Thread Victor Duchovni
On Mon, Feb 09, 2009 at 09:41:49AM -0800, Quanah Gibson-Mount wrote: We currently use postfix as a part of our overall product, which means that it ends up being packaged inside our own RPM (or deb, etc) packages, and then redeployed when our product is installed. One thing I've noticed

Re: Building postfix for packaging

2009-02-09 Thread Victor Duchovni
On Mon, Feb 09, 2009 at 10:02:33AM -0800, Quanah Gibson-Mount wrote: You have not read PACKAGE_README. This is really the answer. I missed this document, things should work fine with it. One minor nit in the document, it uses xargs to collect a file list for tar, but the file list may be

Re: Building postfix for packaging

2009-02-09 Thread Victor Duchovni
On Mon, Feb 09, 2009 at 01:17:08PM -0500, Victor Duchovni wrote: On Mon, Feb 09, 2009 at 10:02:33AM -0800, Quanah Gibson-Mount wrote: You have not read PACKAGE_README. This is really the answer. I missed this document, things should work fine with it. One minor nit in the document

Re: Building postfix for packaging

2009-02-09 Thread Victor Duchovni
On Mon, Feb 09, 2009 at 02:13:55PM -0500, Wietse Venema wrote: One minor nit in the document, it uses xargs to collect a file list for tar, but the file list may be too long for one command invocation: % cd INSTALL_ROOT % rm -f SOMEWHERE/outputfile % find . \! -type d

Re: Building postfix for packaging

2009-02-09 Thread Victor Duchovni
On Mon, Feb 09, 2009 at 02:59:02PM -0500, Victor Duchovni wrote: On Mon, Feb 09, 2009 at 02:13:55PM -0500, Wietse Venema wrote: One minor nit in the document, it uses xargs to collect a file list for tar, but the file list may be too long for one command invocation: % cd

Re: Building postfix for packaging

2009-02-09 Thread Victor Duchovni
On Mon, Feb 09, 2009 at 12:19:26PM -0800, Quanah Gibson-Mount wrote: --On Monday, February 09, 2009 12:57 PM -0500 Victor Duchovni victor.ducho...@morganstanley.com wrote: http://www.postfix.org/PACKAGE_README.html And just to confirm, the steps here worked beautifully, thank you

Re: Building postfix for packaging

2009-02-09 Thread Victor Duchovni
On Mon, Feb 09, 2009 at 03:41:34PM -0500, Wietse Venema wrote: It would be nice if there was someway for it to recognize it was already built with a prefix, so no need to go down multiple layers. But I have an easily working solution to it. :) It's good to hear that the instructions

Re: Getting localhost put in my From field

2009-02-09 Thread Victor Duchovni
On Mon, Feb 09, 2009 at 09:43:49PM -0500, Xn Nooby wrote: I have been trying to figure out how to get Postfix to not append localhost in to the From: field. I am sending email mostly between two local users, using RHEL5/Squirrelmail/Postfix/Dovecot. When I send an email from

Re: reject_unverified_sender vs greylisting

2009-02-09 Thread Victor Duchovni
On Tue, Feb 10, 2009 at 07:15:06AM +0100, Juergen P. Meier wrote: If everyone would use SAV, the ammount of SMTP traffic in the Internet would *double*. I bet most heavy duty mailssystems don't scale double. An address probe is MUCH cheaper to process than a message. Address probe results are

Re: Delaying some email addresses

2009-02-10 Thread Victor Duchovni
On Tue, Feb 10, 2009 at 10:29:28AM +, Jo?o Miguel Neves wrote: Don't delay, if your spamtrap addresses are well chosen, have never existed as valid email addresses, and are unlikely to be mistyped accidentally by a human sender, you can just REDIRECT all mail for a spamtrap address to

Re: Delaying some email addresses

2009-02-10 Thread Victor Duchovni
On Tue, Feb 10, 2009 at 04:43:15PM +, Jo?o Miguel Neves wrote: What I'm trying is dealing with the spam sent for a single address. My idea is the following: 1) Spammer sends emails to existing users and spamtraps; 2) Normal users email is frozen for 2 to 5 minutes; 3) Spamtraps are

Re: Delaying some email addresses

2009-02-10 Thread Victor Duchovni
On Tue, Feb 10, 2009 at 06:55:11PM +, Jo?o Miguel Neves wrote: Victor Duchovni escreveu: On Tue, Feb 10, 2009 at 04:43:15PM +, Jo?o Miguel Neves wrote: What I'm trying is dealing with the spam sent for a single address. My You still have not understood what REDIRECT

Re: best way to serve as specific system relay

2009-02-10 Thread Victor Duchovni
On Tue, Feb 10, 2009 at 02:23:45PM -0500, post...@corwyn.net wrote: machines that send FROM: the local address but TO: somewhere else I think I need postfix to serve as a relay for those machines. I think I can fix it by setting check_client_access hash:/etc/postfix/remotebranches BEFORE

Re: Create additional sub-folders postfix/courier

2009-02-10 Thread Victor Duchovni
On Wed, Feb 11, 2009 at 12:55:31AM -0500, post...@corwyn.net wrote: At 11:04 PM 2/10/2009, post...@corwyn.net wrote: At 05:24 PM 2/10/2009, mouss wrote: While I can readily create a user b...@example.com, who has a default maildir location for that sql of 'example.com/bob/' I can't quite

Re: 451 Remote TLS ERROR - Connection closed by peer

2009-02-11 Thread Victor Duchovni
On Wed, Feb 11, 2009 at 04:27:07PM +0100, Ralf Hildebrandt wrote: When sending to nashfinch.com I get: Feb 11 16:23:36 mail postfix/smtp[22382]: setting up TLS connection to nashfinch.com.s5a1.psmtp.com[64.18.4.10]:25 Feb 11 16:23:37 mail postfix/smtp[22382]: Trusted TLS connection

Re: postfix logs, spams and bounce messages

2009-02-11 Thread Victor Duchovni
On Wed, Feb 11, 2009 at 08:05:56PM +0200, ddaas wrote: Feb 3 14:45:57 softexp postfix/smtpd[23394]: NOQUEUE: reject: RCPT from unknown[117.87.x.x]: 554 5.7.1 Service unavailable; Client host [117.87.x.x] blocked using sbl-xbl.spamhaus.org;

Re: postfix benchmark performance

2009-02-11 Thread Victor Duchovni
On Wed, Feb 11, 2009 at 01:41:19PM -0500, Silas Boyd-Wickizer wrote: Hello, I'm doing some experiments with a synthetic benchmark and postfix. My current postfix configuration can deliver ~3000 msg/sec to 1000 virtual mailboxes; however, the system (16 core/4x4 AMD opteron) is ~90% idle.

Re: postfix benchmark performance

2009-02-11 Thread Victor Duchovni
On Wed, Feb 11, 2009 at 02:28:40PM -0500, Silas Boyd-Wickizer wrote: With 16 logical CPUs, in this configuration you'll find your CPU load to be 1/16th of the theoretical maximum + overhead. Your report of 10% is about right. The system has 16 physical execution units: four quad core AMD

Re: Create additional sub-folders postfix/courier

2009-02-11 Thread Victor Duchovni
On Wed, Feb 11, 2009 at 09:24:25PM +0100, mouss wrote: post...@corwyn.net a ?crit : And a last betterer/simpler way to do it. SELECT

Re: How to safely re-inject an archived queue file?

2009-02-12 Thread Victor Duchovni
On Thu, Feb 12, 2009 at 06:51:20AM -0700, Curtis wrote: So, on a box that I know has nothing else feeding into the maildrop queue, it would be safe to skip the step of dropping it in the idle queue of a second instance (on the same filesystem) and running postsuper -s to get a properly named

Re: How to safely re-inject an archived queue file?

2009-02-12 Thread Victor Duchovni
On Thu, Feb 12, 2009 at 08:46:51AM -0700, Curtis wrote: Perfect. Does the pickup command have a trigger like qmgr that I can use with postkick to get the queue file picked up from the maildrop queue immediately? I'm guessing not since there's no mention of it in the man page, but I thought

Re: recipient_delimiter and virtual users

2009-02-12 Thread Victor Duchovni
On Thu, Feb 12, 2009 at 12:33:57PM -0500, post...@corwyn.net wrote: At 04:28 AM 2/12/2009, mouss wrote: recipient_delimiter works out of the box. there is no need to change your tables, your sql statements nor add users. The problem is I don't know what the out of the box behavior should be.

Re: relay through smtps

2009-02-13 Thread Victor Duchovni
On Fri, Feb 13, 2009 at 11:03:31AM -0500, Charles Marcus wrote: On 2/13/2009, gianluca...@interfree.it (gianluca...@interfree.it) wrote: Is it possible relay mail trhough smstps under postfix? Assuming you meant smtps, you can enable this in master.cf, by uncommenting these lines (I'm

Re: Protocol error: host said: 250 2.0.0 Ok (in reply to DATA command)

2009-02-13 Thread Victor Duchovni
On Fri, Feb 13, 2009 at 12:53:23PM -0500, Brian Evans - Postfix List wrote: Carver Banks wrote: Hello Everyone, I am seeing weird bounces on my postfix server and can't quite figure out why... It looks like it is failing while passing the mail off to a spam appliance, but from the

Re: SMTP relay only

2009-02-15 Thread Victor Duchovni
On Sun, Feb 15, 2009 at 03:20:55PM +0100, mouss wrote: Finally I would like to deny message delivery to my mail server.. It should suffice to unset relay_domains or it is too restrictive doing so? to disable local delivery, check the FIREWALL README. I think this means:

Re: postmap changed between 2.3.8 and 2.5.5

2009-02-16 Thread Victor Duchovni
On Mon, Feb 16, 2009 at 10:14:21AM -0500, Wietse Venema wrote: hash == berkly db? that would mean its a poor choice by postfix itself There are plenty platforms where the on-disk format of Berkeley DB database files is stable across many operating system releases. And the only sensible

Re: bounced msg

2009-02-17 Thread Victor Duchovni
On Tue, Feb 17, 2009 at 02:19:19PM -0600, Noel Jones wrote: bharathan kailath wrote: i understood but why two folders 'defer' and 'deferred'! using OpenSuse 10.3 thanks deferred stores the reason why the message is in defer. The other way around, but the idea is right. The defer queue

Re: choosing random ip address for outgoing smtp connection

2009-02-19 Thread Victor Duchovni
On Thu, Feb 19, 2009 at 02:20:39PM -0500, Wietse Venema wrote: /etc/postfix/main.cf check_recipient_access pcre:/etc/postfix/random.pcre /etc/postfix/random.pcre /^(.)(.*)/FILTER smtp$1:$1$2 Regexp recipient lookups are keyed by the full user address, and the character-set

Re: postfix - amavisd - SMTP or LMTP (was: TLS)

2009-02-19 Thread Victor Duchovni
On Thu, Feb 19, 2009 at 07:17:14PM +0100, Mark Martinec wrote: So in summary: either will do, I currently don't have strong arguments to prefer one over the other. Perhaps somebody from the Postfix side can show a preference. If the proxy is not configured to do content-dependent selective

Re: Your Email

2009-02-21 Thread Victor Duchovni
On Sat, Feb 21, 2009 at 07:02:41PM +, Daniel C wrote: Message #1 --- Received: from localhost (homer.mydomain.com [10.0.32.13]) by mail.mydomain.com (Postfix) with ESMTP id 561804498EF for ; Sat, 21 Feb 2009

Re: Your Email

2009-02-21 Thread Victor Duchovni
On Sun, Feb 22, 2009 at 03:35:34AM +, Daniel C wrote: As for Postfix, it has to be used No, this is wrong, the postfix user must not be the owner the virtual mailboxes, and should not be used by the IMAP server to access them. Fix your configuration to avoid this problem. by courrier-imap

Re: Sending SSL/TLS state to Dovecot auth

2009-02-23 Thread Victor Duchovni
On Mon, Feb 23, 2009 at 02:18:01PM -0500, Timo Sirainen wrote: In some setups it's useful for authentication handling to know if the connection is SSL/TLS secured. The patch below should tell this to Dovecot. It compiles, but other than that I haven't yet tested it. How is this useful? It

Re: Sending SSL/TLS state to Dovecot auth

2009-02-23 Thread Victor Duchovni
On Mon, Feb 23, 2009 at 05:40:05PM -0500, Timo Sirainen wrote: It's too late for a few times (until user fixes the client configuration), but not forever (because it won't work until the configuration is fixed). Also with a laptop the initial setup is often done in a relatively safe location

Re: mailbox_size_limit , quota + some other questions

2009-02-23 Thread Victor Duchovni
On Mon, Feb 23, 2009 at 09:13:11PM -0800, Linux Advocate wrote: 2. For a setup of about 1500 virtual users on a centos 5.2 machine with a raid10 array and with 8gb of ram, what settings do i need to change in postfix for better performance with regards to main.cf /master.cf. Dovecot

Re: mailbox_size_limit , quota + some other questions

2009-02-23 Thread Victor Duchovni
On Mon, Feb 23, 2009 at 09:28:18PM -0800, Linux Advocate wrote: Sorry. Allow me to rephrase, is there any setting in postfix (main.cf, master.cf) whereby we can increase the number of threads, memory usage ,etc to allow for higher concurrency? 1500 users is not very many. You

Re: mailbox_size_limit , quota + some other questions

2009-02-24 Thread Victor Duchovni
On Mon, Feb 23, 2009 at 10:41:07PM -0800, Linux Advocate wrote: i have been thinking of using sorbs instead of spamhaus because sorbs allows sites with upto 100k user to connect to them but with spamhaus u are limited to 100users max. Sorbs has a detection rate of about 68% and i was thinking

Re: Deferr mail for only certain users

2009-02-24 Thread Victor Duchovni
On Tue, Feb 24, 2009 at 11:35:07AM -0500, Sahil Tandon wrote: On Feb 24, 2009, at 11:31 AM, Joseph L. Casale jcas...@activenetwerx.com wrote: Is it possible to hold mail destined to only certain users in a queue until I then release it manually? Direct mail for those users to the retry

Re: Deferr mail for only certain users

2009-02-24 Thread Victor Duchovni
On Tue, Feb 24, 2009 at 10:03:08AM -0700, Joseph L. Casale wrote: Direct mail for those users to the retry transport via transport maps. This is not very efficient, because the mail moves between the deferred and active queues until the user's transport setting is updated, and then all

Re: Problem with ldap table lookups and TLS

2009-02-24 Thread Victor Duchovni
On Tue, Feb 24, 2009 at 06:48:12PM -0600, Nick Geron wrote: So as root or my limited rights postfix user this works: #postmap -q j...@example.com ldap:/etc/postfix/ldap/aliases.cf j...@example.com You only show a test running as root, not postfix. What versions of Postfix and OpenLDAP are

Re: Problem with ldap table lookups and TLS

2009-02-25 Thread Victor Duchovni
On Wed, Feb 25, 2009 at 03:30:51PM -0600, Nick Geron wrote: Well, I have found my problem. I probably should have mentioned earlier (how many times has than appeared on this list?) that ldap is used on this system for local user authentication, meaning pam/nss are tied into ldap. I

Re: Problem with ldap table lookups and TLS

2009-02-25 Thread Victor Duchovni
On Wed, Feb 25, 2009 at 05:34:26PM -0600, Nick Geron wrote: This is an OpenLDAP API design issue. The OpenLDAP library (at least up to version 2.3) has a single global SSL_CTX object, that is initialized just once by the first call that creates an SSL-protected LDAP connection. All requests

Re: weird postfix TLS behaviour

2009-02-25 Thread Victor Duchovni
On Wed, Feb 25, 2009 at 04:50:49PM -0800, J Sloan wrote: We have just started doing business with a firm that uses an ironport device, and discovered that postfix will not issue a STARTTLS to that host, whether it's listed in tls_policy_maps with may or encrypt protocols=TLSv1 The policy

Re: weird postfix TLS behaviour

2009-02-25 Thread Victor Duchovni
On Wed, Feb 25, 2009 at 05:50:07PM -0800, J Sloan wrote: Victor Duchovni wrote: On Wed, Feb 25, 2009 at 04:50:49PM -0800, J Sloan wrote: We have just started doing business with a firm that uses an ironport device, and discovered that postfix will not issue a STARTTLS to that host

Second candidate documentation update: smtp_tls_CAfile

2009-02-26 Thread Victor Duchovni
On Wed, Feb 25, 2009 at 08:03:24PM +0100, Manuel P??gouri??-Gonnard wrote: Hmm, isn't it twice the same paragrah (or two versions of it)? May I suggest to update the description of smtpd_tls_CA_file By the way, I'm not sure still whether I understand correctly smptd_CA_path. Would the

Re: using postfix with exchange 2003

2009-02-26 Thread Victor Duchovni
On Thu, Feb 26, 2009 at 10:33:42AM -0500, Nick Smith wrote: Please excuse me if this has been discussed before, i tried searching the archives and the documentation and google and the info seems a bit dated and incomplete and for exchange 5.5. We have an exchange server 2003 (not sbs) at

Re: Multiple Bcc: recipients and delivery after fetchmail

2009-02-26 Thread Victor Duchovni
On Thu, Feb 26, 2009 at 05:05:26PM +0100, Magnus B?ck wrote: Is there a way to solve this on server1? I mean adding recipients somewhere to the mail header so server2 knows where to deliver? I already tried to set enable_original_recipient to yes - in that case a X-Original-To: is added

Re: Postfix + Remote Ldap Server problem

2009-02-27 Thread Victor Duchovni
On Fri, Feb 27, 2009 at 01:04:37PM +0200, vtzan wrote: I have setup Postfix LDAP (postfix-2.5.4-2.sasl2.vda.rhel5) on Centos 5.2 x64 and all features that i have configured are working great EXCEPT from REMOTE LDAP SERVER. I have configured OpenLDAP Server to some other ip on the

Re: Problem with ldap table lookups and TLS

2009-02-27 Thread Victor Duchovni
On Fri, Feb 27, 2009 at 09:35:39AM -0800, Quanah Gibson-Mount wrote: --On Wednesday, February 25, 2009 7:12 PM -0500 Victor Duchovni victor.ducho...@morganstanley.com wrote: Note, the OpenLDAP API design issue is resolved with OpenLDAP 2.4. With OpenLDAP 2.4 it is possible to set the TLS

Re: Can't fix Untrusted TLS connection established

2009-02-27 Thread Victor Duchovni
On Fri, Feb 27, 2009 at 12:56:34PM -0500, Adam Rosi-Kessel wrote: Victor Duchovni wrote, on 2/27/2009 12:50 PM: I'm running postfix on server and client, forcing TLS on both. No matter what I do, I can't seem to solve Untrusted TLS connection established to [...]:587: TLSv1 with cipher ADH

Re: Problem with ldap table lookups and TLS

2009-02-27 Thread Victor Duchovni
On Fri, Feb 27, 2009 at 09:35:39AM -0800, Quanah Gibson-Mount wrote: If you are unable to test this patch at this time, I can do some testing on my systems using OpenLDAP 2.4.15 Postfix 2.5.6. The patch is working for me, please confirm that it is working for you also. It is simple enough

Re: Integrating Lotus Domino Ldap

2009-02-27 Thread Victor Duchovni
On Fri, Feb 27, 2009 at 08:24:32AM -0500, Rich wrote: Has any ever integrated Lotus Domino Ldap with postfix and used it for authentication? If LDAP is providing user login via PAM/nss, you can just use saslauthd -a pam if you want to verify password hashes of non system users, you

Re: postsuper -r not re-resolving aliases

2009-02-27 Thread Victor Duchovni
On Fri, Feb 27, 2009 at 02:34:23PM -0800, Harold Paulson wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I have a number of messages in my deferred queue that are destined for an offsite alias, which is currently unreachable. I have changed the alias to point to a local

Re: Plus addressing not delivering to folder

2009-02-27 Thread Victor Duchovni
On Fri, Feb 27, 2009 at 05:48:35PM -0500, Charles Marcus wrote: I'm sure this is something I'm totally missing but I have a system I'm trying to get plus addressing working, and not having any luck. The email is delivered, but just to the Inbox, not to the folder... Plus addressing is

Re: Your Email

2009-02-28 Thread Victor Duchovni
On Sun, Mar 01, 2009 at 03:49:18AM +, Daniel C wrote: I just changed the owner of the IMAP folder and assigned Postfix and courier-authlib to use this new user. It has a UID and GID of 1000. What user does amavis run as? What you say that Postfix uses this new user, what do you mean by

Re: Prioritising outgoing mail

2009-03-02 Thread Victor Duchovni
On Mon, Mar 02, 2009 at 10:44:21PM +0800, Wouter van Marle wrote: Hi list, From me a question that seems to be asked now and then here, but I could not find any answers even on whether this is possible in the first place. I would like to be able to prioritise outgoing e-mail so they do not

Re: Prioritising outgoing mail

2009-03-02 Thread Victor Duchovni
On Mon, Mar 02, 2009 at 11:59:31PM +0800, Wouter van Marle wrote: Use a custom transport for these messages with a low concurrency limit, You mean like installing sendmail or so in parallel to postfix and then have sendmail send out the lower-priority mails? No I mean a Postfix transport,

Re: alias question

2009-03-02 Thread Victor Duchovni
On Mon, Mar 02, 2009 at 12:56:33PM -0600, /dev/rob0 wrote: Massive confusion, and looking back on the thread somewhat, I still think we're lacking a good description of the problem. On Mon March 2 2009 06:31:09 Leonardo Coelho wrote: I'm sorry but i don't get it, if i have this two lines:

Re: Prioritising outgoing mail

2009-03-02 Thread Victor Duchovni
On Tue, Mar 03, 2009 at 11:25:55AM +0800, Wouter van Marle wrote: On Mon, 2009-03-02 at 11:18 -0500, Victor Duchovni wrote: On Mon, Mar 02, 2009 at 11:59:31PM +0800, Wouter van Marle wrote: Use a custom transport for these messages with a low concurrency limit, You mean like

Re: there is no pipe process running

2009-03-03 Thread Victor Duchovni
On Tue, Mar 03, 2009 at 09:17:55AM -0500, Erik Morton wrote: I am assuming that I should have a pipe process running. Is that not the case? Only during a delivery and shortly thereafter, unless pipe(8) exits with a fatal error. On a low-volume server pipe(8) may not be running at any given

Re: there is no pipe process running

2009-03-03 Thread Victor Duchovni
On Tue, Mar 03, 2009 at 10:19:50AM -0500, Erik Morton wrote: Thanks. I am running with -D (strace) and -v enabled and I'm not seeing anything fatal or related to a pipe process. i've defined my filter in master.cf like so: filterunix - n n - 10 pipe -v

Re: there is no pipe process running

2009-03-03 Thread Victor Duchovni
On Tue, Mar 03, 2009 at 10:39:36AM -0500, Erik Morton wrote: Mar 3 10:32:03 my_host postfix/local[2862]: A2629A967B: to=newsw...@myhostname.com, relay=local, delay=0.09, delays=0.07/0.01/0/0.01, dsn=2.0.0, status=sent (forwarded as B0274A969F) This message is delivered via local(8) which

Re: there is no pipe process running

2009-03-03 Thread Victor Duchovni
On Tue, Mar 03, 2009 at 11:07:50AM -0500, Erik Morton wrote: I guess I only expected logging output because I can't see to figure out why the following: filterunix - n n - 10 pipe -v flags=Rq user=my_user argv=/usr/bin/receiver -f ${sender} -- ${recipient}

  1   2   3   4   5   6   7   8   9   10   >