Postings by Ronald F. Guilmette

mbox format?

Apparently, and much to my surprise, there is more than one mbox format.

I just now stumbled across this, because I am going to be (re-)writing
some small tools I have that do useful things with mail messages stored
in "mbox format":

<a href="" title=""></a>

In the above Wikipedia page, four different flavors of "mbox format"
are described: mboxo, mboxrd, mboxcl, and mboxcl2.

When Postfix hands a message to something... say a script invoked via
some ~/.forward file... which one of these four formats will the message
be in?


I'd very much like to move my (Postfix) mail server, which currently resides
on a (static IP) end-luser broadband line, to some VM in the cloud someplace,
and then use something like fetchmail to poll that periodically to pull
down all mail for my several domains and then have fetchmail re-inject
all of those mail messages into the local Postfix. The plan would be to
get all this running and then give up my local static IP here, exchanging
it for a dynamic one instead.

Maximum simultaneous outbounds ?

I got into a somehwat interesting discussion/argument with a fellow today
about how many different domains could reasonably be supported on a single
IPv4 address, generally speaking.

I pointed out that there's essentially no limits on how many different
domains a single instance of Apache, running on a single IPv4 address,
could support, other than maybe the general limits imposed by available
memory, maximum simultaneously open sockets supported by the underlying
OS, etc. So in theory, one could put a million web sites on a single IPv4
address using Apache.

Re: [users@httpd] 2.4 named virtual hosts question

My thanks to everybody who replied in this thread.

2.4 named virtual hosts question

A simple question. Sorry if this is an FAQ.

I'm just bringing up a fresh VM system that I plan to move my small
handful of web sites to.

I'v so far managed to mostly get apache24 installed and configured.
I've moved all of my web sites over to the new system, and it mostly
all seems to be working, but I ran the "httpd -S" command to see
if that would detect any goof-ups on my part.

Small Enhancement Request

This is a request for a very minor change to the semantics of the
PREPEND <text> result that can be returned from policy servers
and/or from specific entries within an access(5) lookup table.

It would be maximally convenient if the subject <text> could be
interpolated in the following trivial way:

Any literal "\n" (backslash-n) sequence withing <text> is
replaced with an actual newline character.

This trivial change would allow prepending of multiple headers
to the current e-mail message.

This capability would be useful in the context of systems that
tag incoming messages for lat

Another policy server question...


"In case of trouble the policy server must not send a reply. Instead the server
must log a warning and disconnect. Postfix will retry the request at some later


I can easly handle the "log a warning" part, but...

As I understand it, a Postfix policy server is supposed to be reading
incoming requests from stdin.

How exactly does one "disconnect" from stdin? I mean other than by
calling exit() ?

Policy Server (action=PREPEND <text>) Questions (redux)

I posted these questions recently, but either nobody saw my posting
or else nobody thought that these questions wre worth of a reply.

On the chance that it was the former, I am posting these questions
again... because I still do need answers.

I'm building a new policy server, and I have some questions about
the protocol.

"Tagging" of incoming messages... so that they may be specially
handled by post-delivery tools (e.g. procmail and others) is a useful

Internationalized Domain Names (?)

These days, whenever one builds any kind of tool that does
anything with e-mail, it is necessary to think about this
new-fangled phenomenon of Internationalized Domain Names,

In what (if any) mail headers generated by Postfix might one
reasonably expect to find either (a) "punycoded" domain names
or else (b) Unicode characters.

And of course, I have the same two questions with respect to
the requests that are sent from Postfix to any installed and
activated policy server. Within that stuff, where might one
expect to see either (a) punycode or else (b) Unicode?

One more Policy Server question

If I make a change to my policy server and reinstall it, and if I
then execute the command "postfix reload", do the existing running
instances of the -old- policy server continue running?

(The postfix man page says that "reload" causes "running processes"...
whichout specifiying which ones... to "terminate at their earliest
convenience." I'm not sure precisely what that term might mean in
the case of an external policy server.)

Policy Server (action=PREPEND <text>) Questions

I'm building a new policy server, and I have some questions about
the protocol.

"Tagging" of incoming messages... so that they may be specially
handled by post-delivery tools (e.g. procmail and others) is a useful
feature. And I hope to make use of "action=PREPEND <text>" responses
in my policy server to perform such tagging.

Blacklist failure response

I have been thinking of maybe putting up an experimental
anti-spam blocklist server. As far as the client interface,
this would operate in the usual way, i.e. via DNS, just as
all of the current well-known blacklists do.

Due to the (backend) nature of the thing however, it would
probably only provide service ...

Automated personal whitelist (?)

Is there anything which is either a part of, or that works
with Postfix that is capable of automagically maintaining
a personal whitelist of specific e-mail addresses, to which
a given user has previously sent outbound e-mail?

To be clear, although I have the local Postfix configured to
use many different public blacklists, and also some local
domain-based blacklists (in which I have blacklisted all
of, for example) what I am looking for is something
that would effectively override all those filters for specific
e-mail addresses that I have previously sent outbound mail
to, e.g.

"PERMIT" versus "OK"

[[ My apologies to all if you see this message twice, or even three times.
Various and multiple snaufs on my end are to blame, and I'm sorry. ]]


As I was reading again, just now, through the various online documents
and man pages relating to filtering, I realized that there exists a
rather fundamental anomaly, either with the docs or (more likely) with
my understanding.

This page:

<a href="" title=""></a>

says that evaluation stops when a result of PERMIT, REJECT or DEFER is

CIDR Whitelist ?

I really should have figured this out ages ago, but...

Quite simply, there exits a small number of organizations that
run afoul of my various smtpd_recipient_restrictions and/or my
smtpd_helo_restrictions, but from which I need to be able to
receive mail anyway.

Three trivial filtering questions

Does reject_non_fqdn_helo_hostname, when placed in the
smtpd_helo_restrictions, permit clients to HELO/EHLO
with a square-bracket enclosed dotted quad IPv4 address?

If so, is the dotted quad checked to see that it properly
represents the actual IP address of the actual current client?

Also, I have just added all of the following to my

reject_rhsbl_sender m

unused parameter? (policy_time_limit=600)

I've just updated from 2.8.5 to 2.9.1 and now, when I start postfix,
I am getting the following set of messages (that I've never seen before):

/usr/local/sbin/postconf: warning: /usr/local/etc/postfix/ unused parameter: policy_time_limit=600
/usr/local/sbin/postconf: warning: /usr/local/etc/postfix/ unused parameter: policy_time_limit=600
/usr/local/sbin/postconf: warning: /usr/local/etc/postfix/ unused parameter: policy_time_limit=600
/usr/local/sbin/postconf: warning: /usr/local/etc/postfix/ unused parameter: policy_time_limit=600
/usr/local/sbin/postconf: w

Policy daemon stderr ?

Nothing is said within SMTPD_POLICY_README about what happens to any
output produced by a policy daemon on its stderr channel.

Is such output captured? Is it sent to the the same place as other
smtpd log message are currently sent?

If so, that would be most helpful.

access(5) "OTHER ACTIONS" question

In the access(5) man page, it is either explicitly stated or else
easily inferred what XXX response value will be sent back to the
SMTP client for each of the possible values listed in the ACCEPT

What XXX response values will be sent back to the SMTP client for
each of the various possible lookup result values listed in the

I am most particularly interested in obtaining the answer to this
question for the PREPEND and WARN values, but would really like to
know the answer for all of the various values listed within the

Domain-based Whitelists ?

Other than the Spamhaus DWL, is anyone here aware of any publically-queryable
domain-based whitelists?

If so, I'd like to know their names and, wheer applicable, web URLs for any
pages that describe them.



Outflow spam filtering (?)

Hello again friends. Long time no see.

I've gotten myself into a somewhat heated discussion... which seems to
be the only kind I get into these days...

Newbie Question ... getting sources.

My apologies if this is an FAQ... which it almost certainly is...
but would someone (anyone?) be kind enough to take me by the hand
and show me how to obtain sources for, e.g. a few of the "standard"
utilities programs that live in, like, /usr/bin ? You know, like
"cat" and "man" and so forth. (No, those actually _aren't_ the specific
sources that I want to look at, but close enough.)

I am completely new to Ubuntu, and still having a good deal of trouble
figuring out the basic lay-of-the-land as it were.