headers
Renato Salles | 21 Jan 01:02

Re: log error at 127.0.0.1 - mostly solved

Mail was not leaving the system.
Actually, only 5% of messages are - sadly - queued forever.
And another error WAS:

Jan 19 23:06:16 libra postfix/smtp[3227]: 33ABE4F216:
to=<rsalles <at> localhost.rsnet.no-ip.com>, orig_to=<rsalles <at> localhost>,
relay=127.0.0.1[127.0.0.1], delay=3652, status=deferred (lost connection
with 127.0.0.1[127.0.0.1] while sending end
of data -- message may be sent more than once)

Is this the case explained in FAQ about path MTU discover and broken routers friends?

On Sun, 2003-01-19 at 21:41, Renato Salles wrote:
> Hey all,
> 
> First, thank you Simon for your recent release of rpm's postfix.
> I've just installed few minutes ago in one machine at home and it goes
> nicely.
> 
> All the day furnishing perl deps for amavisd-new, and finally ready to
> go (with f-prot as antivirus backend).
> 
> I'm having a issue with log warnings&errors saying:
> 
> spamd[1717]: Bad protocol: header error: Content-lenght mismatch (4059
> vs. 4054)
> lost connection with 127.0.0.1[127.0.0.1] while sending end of data
> 
> Obviously, the result of "postconf -n" can be sended to inspection.
> Thanks,
(Continue reading)

Permalink | Reply | 1 comment |
headers
Wietse Venema | 21 Jan 01:09

Re: log error at 127.0.0.1 - mostly solved

Renato Salles:
> > spamd[1717]: Bad protocol: header error: Content-lenght mismatch (4059
> > vs. 4054)
> > lost connection with 127.0.0.1[127.0.0.1] while sending end of data

People, PLEASE READ logfile error messages.

Mail stays queued because SPAMD aborts.

> relay=127.0.0.1[127.0.0.1], delay=3652, status=deferred (lost connection
> with 127.0.0.1[127.0.0.1] while sending end
> of data -- message may be sent more than once)
> 
> Is this the case explained in FAQ about path MTU discover and
> broken routers friends?

Why not? Perhaps it's a CISCO PIX firewall.

	Wietse
Permalink | Reply | 0 comments |
headers
Thomas Hannan | 21 Jan 02:20

unix:lmtp vs /usr/cyrus/bin/deliver ?

Hi all,

I'm working on a Postfix+Cyrus IMAPd system, and am looking at whether to
have Postfix deliver mail to Cyrus via a unix lmtp socket
(/var/imap/socket/lmtp)
in /etc/postfix/main.cf:
mailbox_transport (or local_transport) = lmtp:unix:/var/imap/socket/lmtp
in /etc/postfix/master.cf:
  lmtp     unix   -    -    n   -    -   lmtp
and in /etc/cyrus.conf under SERVICES:
lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=1

**OR** use /usr/cyrus/bin/deliver as follows:

in /etc/postfix/master.cf
cyrus     unix  -       n       n       -       -       pipe
  flags= user=cyrus argv=/usr/cyrus/bin/deliver -r ${sender} -m
${extension} ${user}
in /etc/postfix/main.cf:
mailbox_transport = cyrus

Are there any performance/security issues using one method versus the
other? Would one offer me greater flexibility in doing spam filtering (via
regex and/or blacklists), antivirus checking, etc?

We handle mail for 3 domains, and don't have anything too fancy set up for
user authentication on the IMAP side...

Thanks much!
Thomas Hannan
(Continue reading)

Permalink | Reply | 0 comments |
headers
Harald Koch | 21 Jan 01:23
Picon
Favicon

Re: header rewrites (was Re: multiple smtpds on different interfaces)

> (I know I can do it with a content-filter, but I'm trying to avoid the
> tactical nuke if I can :-)

*sigh. One tac-nuke later (following the simple version in
FILTER_README), I have a solution to my masquerading problem. I'm still
curious to see if I can do it without a content-filter, though :-)

(With any luck this message looks like it came from persephone, not from
my laptop :-)

--
Harald Koch <chk <at> pobox.com>

"It takes a child to raze a village."
		-Michael T. Fry
Permalink | Reply | 0 comments |
headers
Wietse Venema | 21 Jan 01:43

Re: unix:lmtp vs /usr/cyrus/bin/deliver ?

Thomas Hannan:
[ Charset ISO-8859-1 unsupported, converting... ]
> Hi all,
> 
> I'm working on a Postfix+Cyrus IMAPd system, and am looking at whether to
> have Postfix deliver mail to Cyrus via a unix lmtp socket
> (/var/imap/socket/lmtp)
> in /etc/postfix/main.cf:
> mailbox_transport (or local_transport) = lmtp:unix:/var/imap/socket/lmtp
> in /etc/postfix/master.cf:
>   lmtp     unix   -    -    n   -    -   lmtp
> and in /etc/cyrus.conf under SERVICES:
> lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=1

This uses the same mail delivery process multiple times.

> **OR** use /usr/cyrus/bin/deliver as follows:
> 
> in /etc/postfix/master.cf
> cyrus     unix  -       n       n       -       -       pipe
>   flags= user=cyrus argv=/usr/cyrus/bin/deliver -r ${sender} -m
> ${extension} ${user}
> in /etc/postfix/main.cf:
> mailbox_transport = cyrus

This executes the /usr/cyrus/bin/deliver file once for every mail
delivery.

	Wietse
(Continue reading)

Permalink | Reply | 0 comments |
headers
Victor.Duchovni | 21 Jan 01:58
Favicon

Re: FILTER_README for review (was: Problems with filtering, virtual aliases and bounces)


I am glad I am running multiple Postfix instances and don't have to
attempt to understand the maze of connections in master.cf. I hope that
at this point my multi-instance patches could be considered for
inclusion in the next snapshot, have you had a chance to look at
"install.gz" and "start.gz" on Ralf's site?

The "cleanup" configuration looks correct in this version. It occurs to
me that "cleanup" could look at whether "content_filter is set, and
automatically disable either rewriting or header/body/mime checks. This
"stateful" behaviour in cleanup could considerably simplify the
recommended implementation. A parameter or two in main.cf would control
the disabling of each set of checks.

There is a problem with the example that shows separate filters for
groups of domains hosted on separate IP addresses.  These examples
override "relay_domains" in the SMTP server, but the parameter is only
used by the SMTP server in the domain name based trusted client feature
of the deprecated check_relay_domains restriction. None of the
available restrictions use relay_domains directly to implement controls
on the recipient domain, the domain classification is actually
performed by the trivial-rewrite service, so the examples don't work.

The only solution is to either use recipient access tables instead of
reject_unauth_destination, or to use multiple instances. This was
discussed in a recent thread.

Bottom line, while address classes are a major win for clarifying the
domain taxonomy and making transport selection behaviour more flexible
and uniform, by moving more behaviour into the trivial-rewrite service
(Continue reading)

Permalink | Reply | 0 comments |
headers
Jason Mealins | 21 Jan 02:35
Picon
Favicon

question about "local" recipients dealing with cyrus-imapd...

currently I am using postfix 2.0.0.2 + cyrus-imapd-2.1.11.
the two settings I think are relevant are:
"mailbox_transport = cyrus"
"local_recipients_map = "

currently when a piece of email is sent to a specific user or alias, 
postfix does all of the mail_addr_find lookups, then the maps_find 
lookups until it determines that it doesn't know about it, then it 
passes the message along to cyrus which acccepts and delivers if the 
account exists. 

My question is mainly what is the best way to let postfix know that 
the mail account exists so it can do its reject filtering and such 
before the mail gets passed down the pipe, should there be some sort 
of virtual map? or would it be best to just create a local map file, 
and put in an entry every time a user is added to the sasldb2 
database? I guess I am just looking for the best way to make it 
secure and functional since down the road I plan to add in system-
wide spam and virus filtering, which also seems like it will be hard 
due to the good and bad of the cyrus-imapd email blackbox.

thanks for any help in advance.

Jason Mealins

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
(Continue reading)

Permalink | Reply | 2 comments |
headers
Larry Hansford | 21 Jan 02:58

Re: body_checks Causes pflogsumm.pl email to be undelivered

At 09:44 AM 1/20/2003, you wrote:
>20-Jan-03 at 09:22, Larry Hansford (lhansfor <at> lch-assoc.com) wrote :
> > At 06:08 AM 1/20/2003, Mike McCandless wrote:
> > >I recently added body_checks to my Postfix config file, after I got
> > >tired of seeing some very specific four letter words in our email.  I
> > >tested getting email with some of these words, and the body_checks did
> > >the trick.  The content of the file is very simple:
> > >
> > >/(word1|word2|word3)/    REJECT reject response
> > >
> > >Now, my daily mail report, generated by pflogsumm.pl, is getting
> > >rejected (undelivered mail returned to sender) because it reports the
> > >offending line, which of course has the words I didn't want to see.
> > >
> > >Is there a way to get around this?  I think the relevant portion of my
> > >config file is:
> >
> > I added the following as the first line of body_checks, and it eliminated
> > the problem:
> >
> > /^           [0-9]?[0-9]?   /   OK
>
>Unless you get 3 figure rejections... I have upwards of 60 for a lot of
>my rejects, they could creep above 100 on a good spammers day
>
>Maybe
>
>/^           [0-9]+   /         # one or more matches
>-or-
>/^           [0-9]{1,4}   /   # one through four matches
(Continue reading)

Permalink | Reply | 0 comments |
headers
Faber Fedor | 21 Jan 03:08

It's not "content filtering" per se...

Hi all,

I've got an interesting little project to do.  At first I'd thought it
would be fairly easy, but after searching freshmeat, goggling for a
couple of days and asking the local gurus, nothing has come up.  So I
figured I'd better check with you guys before I embarass myself and
reinvent the wheel.

Here's what I want to do: I want to monitor the number of emails going
in and out of the box per sender and/or recipient per time.  If Larry
User, who usually sends ten emails a day, suddenly starts sending 100
emails a minute for two hours, I want to know about it by getting an
email. 

I'm thinking of something that combines features of pop-before-smtp
(tracking users over time) and amavisd (hooking directly into the flow
of mail via content filtering as opposed to reading maillog) with
reporting features.

I figured someone already did this, but I can't find anything.  So, I
guess that means I have to roll my own.

Am I on the right track here? Has no one else done this?  If not, do I
want to use content_filter in postfix and hook in my own program
(written in Perl, I hope!) to track headers, reading and writing to dbm
files to figure out what's going on?

Jeez! The more I think about this, the more daunting it seems!

Comments?  Suggestions?  Prayers?
(Continue reading)

Permalink | Reply | 10 comments |
headers
Wietse Venema | 21 Jan 04:27

Re: It's not "content filtering" per se...

Faber Fedor:
> Hi all,
> 
> I've got an interesting little project to do.  At first I'd thought it
> would be fairly easy, but after searching freshmeat, goggling for a
> couple of days and asking the local gurus, nothing has come up.  So I
> figured I'd better check with you guys before I embarass myself and
> reinvent the wheel.
> 
> Here's what I want to do: I want to monitor the number of emails going
> in and out of the box per sender and/or recipient per time.  If Larry
> User, who usually sends ten emails a day, suddenly starts sending 100
> emails a minute for two hours, I want to know about it by getting an
> email. 
> 
> I'm thinking of something that combines features of pop-before-smtp
> (tracking users over time) and amavisd (hooking directly into the flow
> of mail via content filtering as opposed to reading maillog) with
> reporting features.

How about configuring a |command destination in syslog.conf. If this
runs as root, be sure to drop privileges.

	Wietse

> I figured someone already did this, but I can't find anything.  So, I
> guess that means I have to roll my own.
> 
> Am I on the right track here? Has no one else done this?  If not, do I
> want to use content_filter in postfix and hook in my own program
(Continue reading)

Permalink | Reply | 1 comment |

Gmane