Postings by Ralf Hildebrandt

header_checks question

Can anybody comment on this ugly "fix" for Umlauts in realnames?

# Already with Quotes ("=22") thus do nothing
/^From: =\?iso-8859-1\?Q\?=22(.*)=22\?= <(.*)>$/ REPLACE From: =?iso-8859-1?Q?=22$1=22?= <$2>
# No quotes
/^From: =\?iso-8859-1\?Q\?(.*)\?= <(.*)>$/ REPLACE From: =?iso-8859-1?Q?=22$1=22?= <$2>

#because:
#wrong =?iso-8859-1?Q?Kr=FCger=2C_Stephanie?=
#correct =?iso-8859-1?Q?=22Dr._med._Stefan_R=F6pke=22?=

Yes, this fails if the encoding is NOT iso-8859-1

smtpd crashes

Today I found:

Dec 31 20:05:54 mail-ausfall kernel: [876822.781710] smtpd[27410] general protection ip:80813d8 sp:bf9c2d68 error:0 in smtpd[8048000+53000]
Jan 1 21:22:23 mail-ausfall kernel: [967812.555067] smtpd[1590] general protection ip:80813d8 sp:bfbebe28 error:0 in smtpd[8048000+53000]
Jan 2 04:36:23 mail-ausfall kernel: [993852.201068] smtpd[5253] general protection ip:80813d8 sp:bfd2aa38 error:0 in smtpd[8048000+53000]

but these are not backed by any "error" or "fatal" entries in the log;
instead I found these:

Jan 1 20:19:41 mail-ausfall postfix/verify[26329]: fatal: close datab

sender_canonical_maps vs. smtpd_proxy_filter

I tried using sender_canonical_maps to rewrite sender addresses in
envelope & header.

I have amavisd-new set up as a smtpd_proxy_filter.

I was able to get rewriting to work for the headers by using:
local_header_rewrite_clients = static:all

But that's a bit broad, so I tried:

local_header_rewrite_clients = 141.42.206.36

to allow rewriting from my mailbox server only.

[OT] krb5 authorization and special characters

I'm aware of
http://tools.ietf.org/html/draft-ietf-krb-wg-kerberos-set-passwd-06
which addresses usernames & passwords with special characters (which
we Germans have plenty of).

Is this still a draft or has an RFC replaced it in the meantime?

python framework for a policy daemon?

Is there a ready to use python framework for a policy daemon?
I have a nice idea for a policy daemon :)

Helo command rejected: Domain not found

Which Postfix restriction generates: "Helo command rejected: Domain not found"?

From the log on albatross.python.org:

Aug 21 15:07:07 albatross postfix/smtpd[15378]: NOQUEUE: reject_warning: RCPT from qmta09.emeryville.ca.mail.comcast.net[76.96.30.96]: 554 5.0.0 : Helo command rejected: Domain not found; from=<<...> at comcast dot net> to= proto=ESMTP helo=
Aug 21 15:19:42 albatross postfix/smtpd[11319]: NOQUEUE: reject_warning: RCPT from cat.lrt.ru[91.192.244.67]: 554 5.0.0 : Helo

postscreen being exhausted?

From my logs:

Aug 11 00:00:04 mail-ausfall postfix/master[19771]: warning: service "smtp" (25) has reached its process limit "1": new clients may experience noticeable delays
Aug 11 00:16:46 mail-ausfall postfix/master[19771]: warning: service "smtp" (25) has reached its process limit "1": new clients may experience noticeable delays
Aug 11 00:33:33 mail-ausfall postfix/master[19771]: warning: service "smtp" (25) has reached its process limit "1": new clients may experience noticeable delays
Aug 11 00:50:19 mail-ausfall postfix/master[19771]: warning: service "smtp" (25) has reached its proce

Postfix TLS and CRL?

Does Postfix support/use CRLs? I found some articles like
http://www.irbs.net/internet/postfix/0706/0304.html
but I have yet to find something more recent.

Change queue_depth on the fly?

Can I change hash_queue_depth on the fly? I mean, with a queue already
filled? If so, how? stop, change, start?

Preliminary postscreen logging results

% awk '/PREGREET/ {print $NF}' /var/log/mail.log |sort | uniq -c | sort -n

emits
...
25 urhousecareer.info??
26 dmx1.bfi0.com??
104 freenet.de??
111 gmx.de??
113 t-online.de??
113 web.de??

But of course the client is never *.web.de, but always some kind of
dialup. Maybe I'll whip up some gnuplot graphs...

postscreen logging question

I'm trying out postscreen. No unexpected explosions so far.

Question:

Jun 16 16:38:48 mail-ausfall postfix/postscreen[22745]: PREGREET 20 after 0.52 from 222.124.4.14: HELO dmx1.bfi0.com??

The client 222.124.4.14 sent "HELO dmx1.bfi0.com??" 0.52s after the
connection was established. But what does the "20" signify?

can't get smtp_fallback_relay to work

I'm trying to run two instances, I'm injecting on localhost port 10025
into postfix-ram, which has the queue in RAM:

Jun 5 15:35:17 hanni postfix-ram/cleanup[24403]: 45F4A2E369: message-id=<20090605133514.<...> at nanni dot state-of-mind.de>
Jun 5 15:35:17 hanni postfix-ram/qmgr[24345]: 45F4A2E369: from=<<...> at charite dot de>, size=363, nrcpt=1 (queue active)
Jun 5 15:35:18 hanni postfix-ram/smtp[24385]: 45F4A2E369: host digital.ktu.lt[193.219.160.140] said: 452 4.4.5 Insufficient disk space; try again later (in reply to MAIL FROM command)
Jun 5 15:35:18 hanni postfix-ram/smtp[24385]: warn

multi instance support bug (env not found)

I built and installed 2.6.x today:

% make makefile
% make
% make install

on a pristine machine and tried the
multi-instance support. I did this (fresh from my shell, no edits):

root at hanni:/etc/postfix# postmulti -l -a
- - y /etc/postfix
root at hanni:/etc/postfix# postmulti -I postfix-myinst -e create

### Damn, I cut&pasted it from the instructions, I wanted to name it
differently.

What became of the "duplicate elimination attempt" (global dupfilter)

The subject says it all: What became of the global dupfilter?

Re: bounce the permanent error messages in queue

* Tony Liu :

use transport_maps with:
hanting.com error:hanting.com does not accept mail

postfix-2.6-20090224-nonprod doesn't build

... but then I didn't read the INSTALL document to see if something
changed fundamentally...

The error is:

[src/postmulti]
gcc -Wmissing-prototypes -Wformat -Wl,--as-needed -DUSE_TLS -DHAS_PCRE -DHAS_CDB -DSNAPSHOT -DNONPROD -g -O -I.

451 Remote TLS ERROR - Connection closed by peer

When sending to nashfinch.com I get:

Feb 11 16:23:36 mail postfix/smtp[22382]: setting up TLS connection to
nashfinch.com.s5a1.psmtp.com[64.18.4.10]:25

Feb 11 16:23:37 mail postfix/smtp[22382]: Trusted TLS connection
established to nashfinch.com.s5a1.psmtp.com[64.18.4.10]:25: TLSv1 with
cipher AES256-SHA (256/256 bits)

Feb 11 16:23:42 mail postfix/smtp[22382]: BDCC11C35E9: host
nashfinch.com.s5a1.psmtp.com[64.18.4.10] said: 451 Remote TLS ERROR -
Connection closed by peer (state:SSLv2/v3 read server hello A)
(host:[63.85.29.124]) - psmtp (in reply to RCPT TO command)
on all of their 4 Posti

broken_sasl_auth_clients?

With today's clients, is broken_sasl_auth_clients = yes
still required? Which clients require it anyway?

tiscali hosted email domains unreachable? Or is it just me?

# qshape deferred |head
T 5 10 20 40 80 160 320 640 1280 1280+
TOTAL 127 3 0 2 2 1 0 3 2 22 92
worldonline.de 41 0 0 0 0 0 0 1 2 10 28
surfeu.de 16 0 0 0 0 0 0 2 0 1 13
tiscali.de 10 0 0 0 0 0 0 0 0 2 8
planet-interkom.de 5 0 0 0 0 0 0 0 0 2 3
addcom.de 3 0 0 0 0 0 0 0 0 0 3

~# host -t mx worldonline.de
worldonline.de MX 10 mx12.unit.tiscali.de
worldonline.de MX 10 mx10.unit.tiscali.de
worldonline.de MX 10 mx11.uni

bounce template question

Which $variables are available in a bounce template?

The second portion of a bounce template consists of message text. As the
above example shows, template message text may contain main.cf
$parameters. Besides the parameters that are defined in main.cf, the
following parameters are treated specially depending on the suffix that
is appended to their name.

I wonder if something like "orig_recipient_domain" is available :)