DevHeads.net

I have a problem, I'm configuring a mail server with postfix, to handle local
mail, I have a mail server, in which I going to relay all the mails that my
users send, I enter to my server via telnet, and I use the command "ehlo" to
know all the option he have, this option are:

PIPELINING
AUTH PLAIN LOGIN

to send mail through telnet from the inside of my real server I have to
authenticate, authentication have to be encoded in base 64, I put my name and
password encrypted, and the authentication is successful, when i send e-mails
out of my domain they arrive to everyone, if i use a mail client,

Hello,
i used to create on-the-fly mail-addresses with "recipient_delimiter"
set to "."

Now, one of those mail-addresses is heavily receiving spam.

As this mail-address is of the form "user.sub@...", cannot just remove
the user "user.sub" from my list of users.

I would like to reject any mail to "user.sub@..." as early as possible
while still allowing mail to any other "user.sub2@..." or "user@...".

So far, i could only find "check_recipient_access" that points to a file
contains addresses to be rejected.
But as far as i can tell, this is already quite late in processing the
mails!

I

Hi,

I've just noticed that the one alias I've had suddenly stopped working
from unknown reason. I'm using MySQL to keep all domains, users and
configuration for them and when I send an email to an alias it bounces
back with error:
<<...> at meil dot me>: User has moved to <...> at meil dot me
It's been working for ages and suddenly stopped. Any ideas ?

Thank you for your help in advance.

Regards,
Jarek

Hi

I host 6 mail domains. When I validate my mx configuration online with mxtoolbox.com, I got a fail with reverse dns lookup, my localhostname of the server is bsd5.homedom.local, and that is the domain reverse dns tested, ofcourse it fails hense it is not a public domain, but a local domain.
How do I config postfix to reply with correct banner acording to the public domain tested, 1 of 6 public domain names, and not the localhost name

Rgds John

Malling Ayurveda Produkter
www.soapnut.dk

I have a user on fixed IP adsl,
is that a bad idea to add his IP to my Postfix server to allow him smtp use ?

if it's OK, where do I add his IP ? do I add it in mynetworks ?

I currently have
mynetworks = mail.host.ip 127.0.0.1

Hi.

System A has postfix, and can relay successfully email through Gmail.
System A is 192.168.1.56
System B is 192.168.1.59

System B has Postfix, and has the line
relayhost [192.196.1.56]:25

I'd like to be able to have System B, relay it's mail through the
configured Postfix on System A.

When I simply try on System B, to send an email, I get a "Connection
Refused:" err in the log file of System B.

The docs imply that the Postfix on System A should be "open" to
connections from other systems in the same 192.168.1.x subnet.

I have Postfix with SMTP AUTH with self issued certificate, it all works
well (as long as I don't touch it..)

I have now "allowed" some users to use SMTP AUTH, but, some of their mail
then gets evaluated as 'spam' by amavisd/spamassasin scores, amongst
these, 'dynamic ip' type scores

am I correctly exempting SMTP AUTH users from unnecessary anti-spam evals
such as 'dynamic ip' 'direct access to smpt host' type of evals ?

or is this something I need to in amavisd/spamassasin ?

in other words, is my postfix setup correct ?

This patch adds a "reject_rhsbl_reverse_client" function that
uses the unverified client hostname for the RBL lookup.

The idea is that this might increase rhsbl hit rates if the
hostname is more frequently available. On the other hand,
spam-only domains seem to usually have verifiable hostnames,
so I'm not sure how much this will really help.

This "seems to work", but the usual disclaimers apply.

Comments welcome.

-- Noel Jones

I have been looking through archives and through the man pages and
thought I'd go ahead and post my question.

My situation is this:

I need to deliver mail coming in addressed to a specific domain to two
separate transports. There are no mailboxes local to the server at all.
However, I did not think it was possible to configure two separate
transports in this manner. Our server is acting as a scanning gateway
and passes the message on after performing this task.

I then began to look at possibly using recipient_bcc_maps.

What happened to the Ralf and Patrick Book of Postfix book that seems to be
out of print? Is there another edition scheduled or was the market just not
large enough to keep the book in print?

Is there another Postfix book recommended by the group?

Thanks.

That's precisely what I don't want to do.

1. all mail from inside goes to this (edge - 1 ) postfix box.

2. if from trusted/don't-scan-it <...> at domain dot tld, then don't go to edge/out-MX relayhost, resolve/send directly to Internet.

3. if not from <...> at domain dot tld, then send to relayhost.

Len

Part of my configuration:

smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_recipient_restrictions =
permit_mynetworks
reject_unauth_destination
---> check_sender_access cidr:/etc/postfix/accept_by_ip
reject_invalid_helo_hostname
reject_non_fqdn_helo_hostname
reject_unknown_sender_domain
check_helo_access pcre:/etc/postfix/helo_check
reject_unauth_pipelining
---> check_sender_access hash:/etc/postfix/accept_by_domain
reject_rbl_client zen.spamhaus.org
check_sender_access cidr:/etc/postfix/reject_by_ip
check_sender_ac

I have Postfix with SMTP AUTH with self issued certificate, all works well

when a remote Outlook or Thunderbird attempts to use it, it get's a
dialogue like;

'security certificate can not be verified'

what file(s) do I need to provide to remote mail clients to suppress the
warning ?

do I simply provide 'raw' file(s) from /etc/postfix/tls ?

do the Outlook/Thunderbird users then import this file ?

Man for CIDR_TABLE(5) says:

" /etc/postfix/client.cidr:
# Rule order matters.

Hi all,
I don't know if dispatcher is the exact word to express this concept but I
need that a postfix server doen't send the mail directly but it can pass
this mail to send to one of a series of postfix series that are the actual
senders of the mail..this server are parts of my network, I have just
installed them...

Other mail server can do this, only they need to receive the list of
addresses of the mail servers but I use postfix so I'd like to do this using
it....

Is there some keyword to configure this behaviour in postfix?

thanks everybody!

Hello,

i want to do a exact calculating quota with postfix<->mysql to reject incoming mails if user is over quota.
Complete storage-statistics+quota is done by dovecot in background.
Currently i use check_recipient_access mysql:/path/mysql.conf to get return value.
But for an exact calculation i misses value of current mailsize to calculate expected storageconsumption.
Is there a way to get size of mail into my sql-query?
My 2nd option would be a policy-service which gets mailsize delivered as attribut by postfixserver.
Whats the better way?

Thanks,
Andre

Manao ahoana, Hello, Bonjour,

I took the administration of an old (Debian Etch + some Backports)
Postfix server and in its main.cf file, there is an important parameter:
virtual_mailbox_limit_maps.

It is used that way:
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/sql/vmailsize

/etc/postfix/sql/vmailsize contains database information (dbname,
username, quota field,...)

I move that configuration to a newer server (Debian Lenny with
the Official Postfix Debian package) and the per-mailbox (Maildir)
quota (limit) is not working.

I suspect virtual_mailbox_limit_maps not to be in

Hi!

I'm getting a couple of this "bad header" messages:

250 2.6.0 Ok, message with invalid header discarded, id=18740-03 -
Non-encoded 8-bit data (char F6 hex) in message header 'Subject':
Subject: Tar kraftorder i F\\366renade arabemir...)

I think its because there is an "ö" -letter in the subject but I tried
sending a mail to myself with "å ä ö" in the subject and it didn't get
bad header. Can it be his mail-client thats the problem?
I'm not really sure what Non-encoded 8-bit means.

Why do I get that message?

Hi all,

I have a Postfix virtual users setup based on mysql tables. Messages are
stored in Maildir format. Maildirs are owned by "vmail:vmail" .
I want another user to be able to read those Maildir files so I added him
to the "vmail" group.
Unfortunately Postfix seems to create the directory structure with
permissions 700 when I actually need 740 (group readable)

dsrv:~# ls -alh /var/mail/virtual/domain.com/
drwx--S--- 5 vmail vmail 120 2010-03-02 07:52 kvf2igxx

Thanks.
-JK

matching Maildir once the first message has been received.

maildirs for users whose name starts with "../../", shell special
characters, and so on. For these reasons Postfix will not allow

Hi Wietse,

Thank you for the response. I am working on a disposable e-mail addressing
service thus need to accept mail for any username. The message files will
be read by the WWW daemon on a drive that shadow copies the primary
Postifx Maildirs.

Hi all.
I have a Postfix virtual users setup based on mysql tables. Messages are
stored in Maildir format.
I am aware that creating a virtual alias @domain1.com -> <...> at domain2 dot com
will make Postfix accept emails for any username and deliver them to
<...> at domain2 dot com.

Is it possible to do the same thing with users?

Greetings

I had several of these on my primary MX this weekend and one just
popped up.

The relay_domains documentation says:
Specify a list of host or domain names, "/file/name" patterns ...

Would "/file/name" contain one domain per line?

And would changes require "postfix reload"?

Best regards,

wolfgang

All right. I try to pinpoint the problem from somewhere else.

Thank you

hannu

Niemi Hannu:

That pop-up has an error message of:

4.5.3 Too many recipients

That is not a Postfix error message, and of course this message
does not show up in SMTP logging.

Hi all

I runnig a postfix server but now i notice Emails from my server is being
blocked by some ISPs because they claim it has a bogus helo,
I just checked the list and my IP is not listed as a spammer,

this only happens to certain email addresses, 97% of mail still goes through
fine, just the odd one.

my dns is working good

not sure what is causing this ?

thanks in advanced

I am getting ready to step up my Postfix version from
postfix-2.3.3-2.1.el5_2 (Package maintainers version) to Simon's
binary RPM 2.7.0 package. Currently I checked out the 'Release Notes":

http://de.postfix.org/ftpmirror/official/postfix-2.7.0.RELEASE_NOTES

From what I read, no functionalist has been removed but I am stepping
up from such an old version granted it's the latest version available
from Red Hat Enterprise Linux, there could be problems with my
particular configuration.

Hi List,

I have an old postfix install where I am getting "timeout after
CONNECT from" error messages upon e-mails being send from one
particular host. The user is complaining that he is not able to send
out any e-mail. Other users from the same system are sending mail
happily without errors. User claims to use MS Outlook client. He was
trying to send an e-mail with about 500 recipients in one mail (no
comment) but he says before it was processed without problems.

Hello

I have been fighting with a problem with Postfix. There are some users that insist on sending mail to large groups of recipients (yes I know that mailman or similar is made for that) and there is a limit of number of recipients, which I have after extensive testing managed to pinpoint to 500 recipients. Less or equal amount goes, 501 not.

Hello

I get this error since few hours :

(Host or domain name not found. Name service error for
name=bart.esiee.fr type=A: Host not found, try again)

the machine bart.esiee.fr has a FQDN and is
on my LAN , any idea of what happen ?

mail# nslookup bart
Server: 147.215.1.4
Address: 147.215.1.4#53

Name: bart.esiee.fr
Address: 147.215.1.20

Thanks a lot

After becoming frustrated with our current (non-postfix/dovecot) mailserver's IMAP performance, I setup postfix+dovecot+mysql on a MacPro running Snow Leopard (10.6.2) using MacPorts and an unused domain. After getting it working and playing with it a bit I now have what is likely a very-wet-behind-the-ears newbie question:

When it's time to swap servers, is there a preferred recipe to move to new hardware while using the same domain?

Hi everybody!

I'm trying to implement a blocklist based on a MySQL lookuptable. It works
for returning single values like REJECT or OK, but I want it to return 4XX
"some text" the same way as can be done using a standard accessmap.

What is the most straight method of hooking up a milter for blackhole
services. I've had more than a fewest suggestions and read a few
different methods, but I'm left puzzled as to the best means of doing
this.

Ruben

Hi,

I installed postfix on a machine, which has been configured as a mail relay server.
I want it to do 2 things:
A. accept requests from only trusted SMTP clients
B.

Hello
If I use the command
# mail -v <...> at domain dot com I get the folloing
Mail delivery status report will be mailed to
But then I get MAILER-DAEMON (mail transport unavailable)

Using FreeBSD 7.2
Postfix 2.6.5
And second instance running

Thanks in advance
_ Motty

Hello,

I'm enhancing a program I use to follow Postfix logs in sort of real-time. It does a couple of things, and the most important is to record a single-line summaries for each message, storing source IP address, from, to, timestamp, size, final delivery destination (mail relay or mailbox) and status.

is there away to stop prepend: header from being added to the logs?

Forgive me if this has been asked (or point me thusly):

My postfix box is getting e-mails where <...> at whatever dot com
sends to <...> at whereverelse dot com and uses a valid e-mail
address on my server for the return, so I get a non-delivery e-mail from
the <...> at whateverelse dot com mail server to the client
(virtual hosted) on my server. How can I block clients on my box from
getting these e-mails or discard these automatically, will postfix do
this?

Does anyone happen to know if anyone is kindly dedicating their time
to creating a Postfix 2.7 RPM for download? I know this is extremely
time consuming but I am really interested to try out Postfix 2.7 on my
CentOS x64 server. I realize Simon was responsible for creating the
previous RPM's available on a mirror but I don't know if he is still
doing so.

Hi all

This is probably a rank newbie question, but I've been unable to find
an answer via Google or the archives, so hopefully someone here can
point me in the right direction.

As I understand it, smtpd_banner is used for both the banner line when
someone connects to my server, and also when Postfix connects to
another server to send mail.

Hi Folks,

To prevent spammers sending email from spoofed addressed that appear
from my domain, I currently use SPF. I'm having second thoughts about
using SPF, so is there any other way to make sure that only
authenticated users can send email from my domain?

Thanks

Hi Folks,

As many of you will probably know, SPF breaks forwarding using aliases.
The solution is to re-write the from-evenlope when forwarding email.

Does anyone know how to do this with postfix?

Thanks

Jonny

Hi Everyone,

I'm using tumgreyspf. I need to add the following line to my main.cf to
make it work:

check_policy_service unix:private/tumgreyspf

Some servers arn't being greylisted.

One of our clients sends contract notes to their customers and they
require to store all logs of deliveries/bounces by some law.

They have requirements like

* The log should contain the full date including year
* The log line should indicate full info -->
sender,rcpt,datetime,size,status

I have managed to add custom logs in postfix source in bounce.c and
sent.c. (Thanks to the neatly structured code it wasnt much of an
effort)

Only problem is when a message expires there is no log line that says
$queue-id: "$sender" to "$rcpt" status=expired

How can I log this ?

Thanks
Ram

1 messages rejected with banned file names.

Banned File Names:
.exe,.exe-unix,scellius_600_PLUGIN_linux-2.6.9/bin/request: 1 Times(s)
From:
209.85.220.217 1 Time(s)

ALERTE ALERTE Virii

Hello,

I am trying to build a flexible mail system using different combinations
of mailing softwares (eg. Postfix & maildrop & Dovecot, Exim & Dovecot,
qmail & maildrop & Courier IMAP ...), at any time system administrator
may decide to interchange between combinations without making a design
change.

Hi,

I have a Postfix 2.6 relaying tons of emails to millions email addresses
and domains.

I have listed tens of thousands of email addresses and domains to which
I don't want to relay any more.

Is there a way to manage a local blacklist without spamassassin?
However, up to now I think spamassassin is for local delivery, not relay.

So I have a file of more than 100,000 email addresses and another made
of bad domains.

I can write scripts in shell, php, perl,....

Your help will be welcomed.

Patrick

I'm getting a variety of spam mail form certain places that seems to be
repeating itself and would like to know what is the best way to blacklist
these or block them.

mmtlnx:~ # postconf -n

alias_maps = hash:/etc/aliases

biff = no

canonical_maps = hash:/etc/postfix/canonical

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/lib/postfix

debug_peer_level = 2

default_rbl_reply = $rbl_code SPAM; $rbl_class [$rbl_what] blocked using
$rbl_domain${rbl_reason?; $rbl_reason} - Phone +61 412 126 166 if you
believe this to be in error.

defer_transports =

is this param server-wide, or can it be present in smtpd_*_restrictions ?

Len

When
a message is sent to our postfix MX it seems to be stripping the
recipients down to 8. We have been running postfix for many years and
have never had anyone complain about this but I have confirmed the
issue and cannot figure out the cause.

If I send mail directly to our mailbox application (smarter mail) it
does not strip the recipients, and other recipients in the e-mail who
are deliver to hosts like aol.com and gmail have the full recipient
list in tact.