| |
| |
| |
|
Page: 1 2 3 4 5 6
Comments:
<0> n8 mjt
<1> my setup has cyrus authentication using saslauthd to pam to Active Directory (imtest works)..... Postfix using Saslauthd -> pam -> Active Directory (testsaslauthd works) .... my cyrus mailboxes are created manually in /var/lib/cyrus/user/ ... for some damn reason postfix doesn't want to put incoming mail in those mailboxes though... even though they exist.
<0> auth has nothing to do with tests for the mailboxes
<0> [22:41:49] < mjt> local_recipient_maps
<0> or virtual if you are using virtual setup
<1> thanks, I missed that
<2> Just one question more : is it possible to have postfix working with clamav without having to install (and configure...) amavisd ?
<3> does anyone know of a postfix virtual hosting tutorial on FreeBSD is?!? thx
<4> the same tutorials as Linux work
<5> f3ew: But, they're a pain in the arse to follow.
<3> f3ew, thanks. I am missing something then. I am not getting error messages except when I try to login through squirrelmail, nothing in logs
<0> mattyboy: that is squirrelmail part, or even imap
<5> mattyboy: Probably the way you use your imap settings.
<3> I am 'just in case' recompiling courier-imap... didn't think there were any issues though... we'll see.
<3> I saw that I was receiving mail for the default domain... so I guess that was good
<6> is there anyway i can block ips from RBL ( like spamcop database ) is there anyway to pull them and block on the firewall because its givng me lots of load to my email server
<5> xerophyte: Just processing the IPs?
<7> I dunno, can your firewall do that?
<8> Some big-money appliances claim to do that
<5> You could blackhole them I suppose.
<5> But, you'd probably have to code the app yourself.
<6> ek, its linux iptable if i have the ips i can block them
<5> Not a bad idea though.
<6> there no already made application just wondering
<5> xerophyte: Right. But, you don't want to have to check manually.
<6> true
<5> xerophyte: You code at all?
<6> i can code in python something
<6> but just wondering if there already some script which does this stuff
<5> xerophyte: Not that I've found. =/
<6> hmmm
<5> Wouldn't too too rough. There's probably a way to parse pre-created logs too.
<5> Although, it would be as efficient.
<5> You'd have to make your own listening application.
<7> Wait, let's go back one step.
<7> Why are RBL-listed hosts causing a lot of load on your mail server?
<7> You should be able to have them connect and then drop them pretty much right away, if you don't care to wait for RCPT TO.
<5> mendel: Probably because they are trying to connect to the SMTP server a lot.
<5> And every time it verifies the list, it loads the machine (or pipe).
<7> Well yes, but they're going to keep doing that if iptables is handling it too.
<5> Either would ****.
<7> Verifies the list?
<5> mendel: Right. But, they'll be blackholed.
<5> So, it wouldn't be looked at through the mail server.
<5> Just the packet handler.
<5> mendel: Verifies the RBL list?
<7> But if the load problem is lookups, you're still doing lookups.
<5> I agree.
<7> That's why I was asking what the problem was. :)
<7> "How do I move this to iptables" is a solution, not a problem. :)
<5> Not sure if it's an actual "load" problem or a bottleneck problem either.
<7> xerophyte: What's the problem that you think iptables-based checks are going to solve?
<5> mendel: Well, you know...
<5> Once the IP is blackholed, it won't do lookups anymore.
<5> That wouldn't solve the problem completely, but it would help a bunch.
<7> I still don't know what the problem is.
<7> I know what the possibilities are!
<5> mendel: From what I gathered, it was too many lookups for RBL.
<7> No, I mean: I'm waiting for xerophyte to answer
<5> He must be under serious spam flooding or something.
<5> I have a P.O.S. system handling my mail.. And it's been bombed HUGE before..
<5> And it seemed to handle it absolutely fine.
<5> mendel: Well, good luck with that.
<5> :P
<7> Apparently :)
<8> I am happy with RBL blocking. It doesn't cost much in bandwidth.
<5> rob0: I can't see a huge different at all. *shrugs*
<0> would be much more overhead to maintain the packet filter - and a huge block list would cause a fair amount of load too
<7> f3ew: My guess was in SA, and/or without a local caching nameserver
<4> Zerberus the query is just to the NS
<0> f3ew: yes, my comment was about the idea to load RBL data into local packet filtering rules
<0> sorry if i mi***pressed
<4> ah
<0> i feel a well configured local nameserver is essential when running MX services
<4> of course
<8> I heard that MS Exchange *will not* work with a local nameserver, or vice versa maybe.
<8> I thought that was hilarious. Oh, and it's not just an "I heard" thing: a link to the MS Knowledge base was included, and I looked at it,
<0> and they make so much money with that software
<8> And that software makes so much trouble for responsible, clueful sites ...
<7> That wouldn't surprise me -- stuff like Exchange really requires a Microsoft network environment, not just IP.
<0> mendel: that is product politics
<7> (And Windows-land is all about one server per service, it's bizarre)
<8> I had a Postfix site caught between a crossfire of 2 Exchanges with Trend Micro content filtering.
<0> you choose exchange, then you need the server with AD, you have the server then you need client licenses
<7> Yeah, but what's the groupware that isn't like that? Not Notes, that's for sure.
<8> Each of the Trend Micro filters was rejecting the others' rejection notices because of the list of CC'ed users, which of course was being CC'ed all over the world.
<7> Ow
<8> The really funny part is WHY they were rejecting.
<4> abuse@ autoacks
<4> and the other site sends a no such user, from a non <> address
<8> My user triggered the whole thing, as it happens. A man named David Hooker. He included his wife as a CC in the original message.
<8> The rejection was for immoral content.
<8> They didn't want their users cavorting with Hookers.
<4> heh
<7> Nice, today's the 500th day of uptime for our (postfix-based) mail gateway.
<4> nice
<8> Did it turn over its jiffies yet?
<7> yeah, 4 days uptime showing
<7> It's not like there's much reason to reboot such a thing, so it's more praise for our operations folks than postfix or me, but compared to what it replaced it has worked quite well :)
<8> We have one on its third set of jiffies. But only about a year of that has been Postficised.
<7> yeah, this one was new for postfix
<7> it replaced a McAfee WebShield SMTP box which didn't perform so well.
<8> Ours was and still is running qmail. But now qmail is just a glue layer between Postfix and vpopmail.
<4> why?
<8> You mean why not postfix -> vpopmail or virtual_mailbox_domains ? I don't know, it was just quick and easy to do it that way, it's what I understood at the time.
<9> Do I really need a cert of auth to use postfix? I am trying to follow the instructs at: http://freshmeat.net/articles/view/1673/ and one of their steps is creating a ca but I am not having any luck doing so.
<0> Wolftech: only when you want to use TLS
<9> Zerberus: Which, for gmail, I would. Man this ****s.
<0> not at all
<0> why do you need TLS for gmail?
<3> I am getting this error -> fatal: proxymap open failed for table "/usr/local/etc/postfix/mysql_relay_domains_maps.cf": invalid request
<3> I followed the instructions to the 't'... a couple times
<3> this tutorial -> http://postfixwiki.org/index.php?title=Virtual_Users_and_Domains_with_Courier-IMAP_and_MySQL#MySQL_Install
<0> show your postmap -n
<3> postmap -n
<3> postmap: fatal: usage: postmap [-Nfinoprsvw] [-c config_dir] [-d key] [-q key] [map_type:]file...
<0> sorry, postconf -n
<0> fear it is too late for me
<3> alias_database = hash:/usr/local/etc/postfix/aliases
<3> alias_maps = hash:/usr/local/etc/postfix/aliases
<3> command_directory = /usr/local/sbin
<3> config_directory = /usr/local/etc/postfix
<3> daemon_directory = /usr/local/libexec/postfix
<3> debug_peer_level = 2
<3> home_mailbox = Maildir/
<0> no here!
<3> html_directory = no
<3> mail_owner = postfix
<0> stop!
<3> mailq_path = /usr/local/bin/mailq
<3> manpage_directory = /usr/local/man
<3> mydestination = $myhostname, localhost, $mydomain,
<3> mydomain = mydomain.com
<3> myhostname = titus.mydomain.com
<0> stop it!
<3> mynetworks = 192.168.0.0/28, 127.0.0.0/8
<3> myorigin = $mydomain
<3> newaliases_path = /usr/local/bin/newaliases
<3> queue_directory = /var/spool/postfix
<3> readme_directory = no
<3> relay_domains = proxy:/usr/local/etc/postfix/mysql_relay_domains_maps.cf
<3> sample_directory = /usr/local/etc/postfix
<3> sendmail_path = /usr/local/sbin/sendmail
<3> setgid_group = maildrop
<3> unknown_local_recipient_reject_code = 550
<3> virtual_alias_maps = $virtual_maps
<3> virtual_gid_maps = static:88
<0> mattyboy: stop!!!
Return to
#postfix
or
Go to some related
logs:
#css
opie +console +font
firestarter port forward
#python
python walkdir
'Can't call method scheme' Cookies.pm
Ubuntu Error opening/initializing selected video_out(-vo)
Wise Zecke
schumaml -gimpforum
mplayer unmountable_boot_volume
|
|