Postings by zhong ming wu

dns lookup problem


I am getting a dns lookup problem when I move a postfix server inside a docker container. (the sole purpose of this internal server to deliver mail for the virtual addresses.

guidance on data persistence?


When moving postfix to docker, I run into the issue that when the
containers go away postfix queued mail will get lost unless I made an
effort to persist on the host.

A naive attempt to simply map an empty folder on the host as
`/var/spool/postifx` on the container does not work, because postfix
expects some empty folders there.

My first question is that given a postfix installation, is there a command
I can run to initialize the directory tree to be saved on a persisted
volume which is to be mounted in the container?

There may be a way to pre-create this folder structure on the host

directing logs to remote syslog with any local syslog instance

I had successfully used postfix for years and now I am trying to recreate
postfix clusters in docker and in particular interested in how I can direct
all postfix logs from a container to other places.

I do not find in postfix configuration how one can achieve this without any
local syslog daemon.

.psql_history file is messed up and control-r does not work

My .psql_history contains lines of the form.


My psql client is 9.1.2 on Mac OS and server is linux 9.0.5

Is the version mismatch messing up this .psql_history file?

Also control-r to search the history isn't working at psql prompt from
Mac although it does work if I log in to server where client and
server are the same version.

Thanks for any assistance in this issue.

mr. wu

hot standby waiting for invalid wal file

Dear List

Since 9.0 comes out, I had been successfully using wal file shipping
readonly hotstandby feature in pg. I am currently trying to
reestablish a readonly slave after master node failure.

The newly established master server is working properly.

stunnel with just postgresql client part


My postgresql client (ejabberd postgresql lib) does not seem to be
capable of ssl connection to postgresql server (with hostssl in

So I tried to use run stunnel on the client box (ejabberd).

ssl connection strangely stops working

Dear List

I am not a very experienced user of jdbc although have been using
postgresql for many years having done many server installation and
administering them.

From three different systems (mac, windows, and centos virtualbox)
behind 1 ip address I had succeeded in getting ssl connection to a
remote server via jdbc.

how to direct local mail on secondary back up mx server


Following online documentation I have properly set up a secondary back up mx
server (for domain which relay email properly to primary.

But there is a problem with how to have mails generated automatically
such as mails from cron delivered to fully qualified addresses
without having to check all the application config. For example I would like
logwatch email normally directed to root on the back up machine to go to an virtual address.

port warded (iptables) postgres


I have successfully used iptables to direct ports for other services.
For example I run apache on 8443 on and
use iptable to direct traffic to public ip on 443. Trying the same
with postgresql does not seem to work properly.

I was wondering whether anyone has successfully used iptables +
postgres this way

Thanks in advance

Mr. Wu

use wal archiving scheme from 8.1 on 9.0

Hello List

I have a nicely working system of maintaining a cold standby of master
8.1.11 server. System consists of a set of scripts to do a base
backup to standby and scheme to send wal files and restoring the cold
standby should the master server break down

I have another totally separate postgresql server 8.4.4 that stands
alone (without any slave standby server). I wish to upgrade this
8.4.4 server to 9.0.1 and at the same time build a hot standby server
for read-only queries.

Feature request for this mail list

I looked on PG website but couldn't find admin email for this list

I would like list emails to have extra 'reply-to' header addressed to the

Is it too much to ask? When replying from a mobile client it can be tricky
without + even from a bigger client most often I forgot

Is this a known feature of 8.1 SSL connection?

I don't recall this being an issue with 8.4 I am also using

Say your 8.1 server has SSL on. Even though pg_hba.conf have

host or hostnossl .... md5

either server or 8.1 psql insists that you have .postgresql/postgresql.*

Does that make sense to you?

Note: no "cert" in pg_hba.conf

variable name in plpgsql

It seems that one cannot use the variable name that is the same as the
column name of a relation like in the following function

As far as I can see this isn't documented anywhere.

return setof : alternatives to holder table

Hello List,

I have a plpgsql function returning a set of records. The record is
effectively a join of some tables.

For example, table a (column a1,column a2,column a3,column a4)

table b(column b1,column b2,column b4)

I am returning a set of (a2,a4,b2). What I do now is to create a empty table

foo(column a2,column a4,column b2)

then in my function I have

record r foo%rowtype

I'm not happy with this solution because this foo tables has to be kept around

Thanks for any better solution to this


crl support?

Dear List

I don't find anywhere in TLS documentation how to make postfix respect a crl
so that client's whose certs have been revoked cannot use the submission server.

Can someone please confirm that this feature is supported or not?

Thanks override parameters exception list?

Hi List

I find that not all parameters in can be overridden in with -o.

So far I find that for example header_check , smtpd_data_restrictions,
and inet_interfaces cannot be overridden in
Is there a list of such parameters documented somewhere?

I am using three different postfix personalities defined in
One for local processes listening at loopback

client certificate handling with TLS + sasl

Dear List

I am using dovecot sasl with postfix smtp-auth. I also use tls with
both dovecot imap/pop server to retrieve mails and
also tls with postfix for submission to the relay server.

With dovecot I can have my mail client send a certificate and make
dovecote use CN field of the cert as username
to authenticate. If I enable that feature in dovecot, postfix
authentication does not work despite the fact that I am also
sending the same cert to postfix.

allow mail delivery during sasl server downtime?

Dear List

Last time I have configured postfix was many years ago with version
2.3. Now I wish to upgrade to 2.7 and also change
configuration by adding dovecot sasl authentication. It is working
as expected. Public can deliver mail to my domain
without authentication. authenticated users can use the server as a
relay to anywhere.

My concern is that with my config if dovecot server were to go down
for any reason at all postfix cannot accept mail delivery.