Loading ...
Sorry, an error occurred while loading the content.

Another LDAP question

Expand Messages
  • donovan
    greetings here is the error i am receiving. the LDAP server is remote. It seems that the file format is incorrect or something. It should not be looking at
    Message 1 of 19 , Mar 30, 2006
    • 0 Attachment
      greetings

      here is the error i am receiving. the LDAP server is remote. It seems
      that the file format is incorrect or something. It should not be
      looking at localhost.

      postmap: warning: dict_ldap_connect: Unable to bind to server ldap://
      localhost:389 as : -1 (Can't contact LDAP server)

      ( yes the server is running )

      ldaptransport

      server_host = 10.135.1.10
      search_base = dc=odm,dc=beth,dc=k12,dc=pa,dc=us
      query_filter = (mail=%s)
      result_attribute = mailHost
      result_filter = smtp:[%s]

      Created with postmap ldaptransport

      postconf -n
      command_directory = /usr/sbin
      config_directory = /etc/postfix
      daemon_directory = /usr/libexec/postfix
      debug_peer_level = 2
      enable_server_options = yes
      html_directory = no
      inet_interfaces = all
      mail_owner = postfix
      mailbox_size_limit = 0
      mailbox_transport = cyrus
      mailq_path = /usr/bin/mailq
      manpage_directory = /usr/share/man
      mydomain_fallback = localhost
      myhostname = smtp1.beth.k12.pa.us
      mynetworks = 127.0.0.1/32,10.135.0.0/16
      mynetworks_style = host
      newaliases_path = /usr/bin/newaliases
      queue_directory = /private/var/spool/postfix
      readme_directory = /usr/share/doc/postfix
      sample_directory = /usr/share/doc/postfix/examples
      sendmail_path = /usr/sbin/sendmail
      setgid_group = postdrop
      smtpd_pw_server_security_options = none
      smtpd_recipient_restrictions =
      permit_mynetworks,reject_unauth_destination,permit
      smtpd_sasl_auth_enable = no
      smtpd_tls_key_file =
      smtpd_use_pw_server = no
      transport_maps = ldap:ldaptransport
      unknown_local_recipient_reject_code = 550


      smtp1:/etc/postfix root# postmap -q 'lukeskywalker' ldap:ldaptransport
      postmap: warning: dict_ldap_connect: Unable to bind to server ldap://
      localhost:389 as : -1 (Can't contact LDAP server)
    • Arya, Manish Kumar
      try to do telnet 10.135.1.10 389 from ur postfix box, check if this works or not. -manish ... __________________________________________________ Do You
      Message 2 of 19 , Mar 30, 2006
      • 0 Attachment
        try to do "telnet 10.135.1.10 389" from ur postfix
        box, check if this works or not.

        -manish


        --- donovan <donovan@...> wrote:

        > greetings
        >
        > here is the error i am receiving. the LDAP server is
        > remote. It seems
        > that the file format is incorrect or something. It
        > should not be
        > looking at localhost.
        >
        > postmap: warning: dict_ldap_connect: Unable to bind
        > to server ldap://
        > localhost:389 as : -1 (Can't contact LDAP server)
        >
        > ( yes the server is running )
        >
        > ldaptransport
        >
        > server_host = 10.135.1.10
        > search_base = dc=odm,dc=beth,dc=k12,dc=pa,dc=us
        > query_filter = (mail=%s)
        > result_attribute = mailHost
        > result_filter = smtp:[%s]
        >
        > Created with postmap ldaptransport
        >
        > postconf -n
        > command_directory = /usr/sbin
        > config_directory = /etc/postfix
        > daemon_directory = /usr/libexec/postfix
        > debug_peer_level = 2
        > enable_server_options = yes
        > html_directory = no
        > inet_interfaces = all
        > mail_owner = postfix
        > mailbox_size_limit = 0
        > mailbox_transport = cyrus
        > mailq_path = /usr/bin/mailq
        > manpage_directory = /usr/share/man
        > mydomain_fallback = localhost
        > myhostname = smtp1.beth.k12.pa.us
        > mynetworks = 127.0.0.1/32,10.135.0.0/16
        > mynetworks_style = host
        > newaliases_path = /usr/bin/newaliases
        > queue_directory = /private/var/spool/postfix
        > readme_directory = /usr/share/doc/postfix
        > sample_directory = /usr/share/doc/postfix/examples
        > sendmail_path = /usr/sbin/sendmail
        > setgid_group = postdrop
        > smtpd_pw_server_security_options = none
        > smtpd_recipient_restrictions =
        > permit_mynetworks,reject_unauth_destination,permit
        > smtpd_sasl_auth_enable = no
        > smtpd_tls_key_file =
        > smtpd_use_pw_server = no
        > transport_maps = ldap:ldaptransport
        > unknown_local_recipient_reject_code = 550
        >
        >
        > smtp1:/etc/postfix root# postmap -q 'lukeskywalker'
        > ldap:ldaptransport
        > postmap: warning: dict_ldap_connect: Unable to bind
        > to server ldap://
        > localhost:389 as : -1 (Can't contact LDAP server)
        >
        >
        >
        >
        >


        __________________________________________________
        Do You Yahoo!?
        Tired of spam? Yahoo! Mail has the best spam
        protection around
        http://mail.yahoo.com

        __________________________________________________
        Do You Yahoo!?
        Tired of spam? Yahoo! Mail has the best spam protection around
        http://mail.yahoo.com
      • donovan
        ... my bad smtp1:/etc/postfix root# telnet 10.135.1.10 389 Trying 10.135.1.10... Connected to odm.beth.k12.pa.us. Escape character is ^] . so it s there but
        Message 3 of 19 , Mar 30, 2006
        • 0 Attachment

          On Mar 30, 2006, at 8:34 AM, Arya, Manish Kumar wrote:

          Do

          smtp1:/etc/postfix root# telnet 10.135.1.10 389

          NOT

          smtp1:/etc/postfix root# telnet 10.135.1.10:389


          -manish


          my bad


          smtp1:/etc/postfix root# telnet 10.135.1.10 389
          Trying 10.135.1.10...
          Connected to odm.beth.k12.pa.us.
          Escape character is '^]'.

          so it's there but not reading the correct host info.
          I have also tried;

          server_host = ldap://odm.beth.k12.pa.us:389
          search_base = dc=odm,dc=beth,dc=k12,dc=pa,dc=us
          query_filter = (mail=%s)
          result_attribute = mailHost
          result_filter = smtp:[%s]
          bind = no

          same deal.

          --jeff
        • Victor Duchovni
          ... Report output of postmap -v -q key ldap:... . This will show which step of the LDAP lookup failed. If this does not yield enough information, consider add
          Message 4 of 19 , Mar 30, 2006
          • 0 Attachment
            On Thu, Mar 30, 2006 at 09:43:47AM -0500, donovan wrote:

            > so it's there but not reading the correct host info.
            > I have also tried;
            >
            > server_host = ldap://odm.beth.k12.pa.us:389
            > search_base = dc=odm,dc=beth,dc=k12,dc=pa,dc=us
            > query_filter = (mail=%s)
            > result_attribute = mailHost
            > result_filter = smtp:[%s]
            > bind = no
            >

            Report output of "postmap -v -q key ldap:...". This will show which step
            of the LDAP lookup failed. If this does not yield enough information,
            consider add "debuglevel = 1" to the table definition.

            --
            Viktor.

            Disclaimer: off-list followups get on-list replies or get ignored.
            Please do not ignore the "Reply-To" header.

            To unsubscribe from the postfix-users list, visit
            http://www.postfix.org/lists.html or click the link below:
            <mailto:majordomo@...?body=unsubscribe%20postfix-users>

            If my response solves your problem, the best way to thank me is to not
            send an "it worked, thanks" follow-up. If you must respond, please put
            "It worked, thanks" in the "Subject" so I can delete these quickly.
          • Greg Hackney
            Is it possible that it s connecting up okay, but not binding up because there s a login/password required for LDAP database access? I d use the ldapsearch
            Message 5 of 19 , Mar 30, 2006
            • 0 Attachment
              Is it possible that it's connecting up okay, but not binding up because
              there's a login/password required for LDAP database access?

              I'd use the ldapsearch command (comes with OpenLDAP) for preliminary
              testing.
              --
              Greg


              donovan wrote:

              > greetings
              >
              > here is the error i am receiving. the LDAP server is remote. It seems
              > that the file format is incorrect or something. It should not be
              > looking at localhost.
              >
              > postmap: warning: dict_ldap_connect: Unable to bind to server ldap://
              > localhost:389 as : -1 (Can't contact LDAP server)
              >
              > ( yes the server is running )
              >
              > ldaptransport
              >
              > server_host = 10.135.1.10
              > search_base = dc=odm,dc=beth,dc=k12,dc=pa,dc=us
              > query_filter = (mail=%s)
              > result_attribute = mailHost
              > result_filter = smtp:[%s]
              >
              > Created with postmap ldaptransport
              >
              > postconf -n
              > command_directory = /usr/sbin
              > config_directory = /etc/postfix
              > daemon_directory = /usr/libexec/postfix
              > debug_peer_level = 2
              > enable_server_options = yes
              > html_directory = no
              > inet_interfaces = all
              > mail_owner = postfix
              > mailbox_size_limit = 0
              > mailbox_transport = cyrus
              > mailq_path = /usr/bin/mailq
              > manpage_directory = /usr/share/man
              > mydomain_fallback = localhost
              > myhostname = smtp1.beth.k12.pa.us
              > mynetworks = 127.0.0.1/32,10.135.0.0/16
              > mynetworks_style = host
              > newaliases_path = /usr/bin/newaliases
              > queue_directory = /private/var/spool/postfix
              > readme_directory = /usr/share/doc/postfix
              > sample_directory = /usr/share/doc/postfix/examples
              > sendmail_path = /usr/sbin/sendmail
              > setgid_group = postdrop
              > smtpd_pw_server_security_options = none
              > smtpd_recipient_restrictions =
              > permit_mynetworks,reject_unauth_destination,permit
              > smtpd_sasl_auth_enable = no
              > smtpd_tls_key_file =
              > smtpd_use_pw_server = no
              > transport_maps = ldap:ldaptransport
              > unknown_local_recipient_reject_code = 550
              >
              >
              > smtp1:/etc/postfix root# postmap -q 'lukeskywalker' ldap:ldaptransport
              > postmap: warning: dict_ldap_connect: Unable to bind to server ldap://
              > localhost:389 as : -1 (Can't contact LDAP server)
              >
              >
              >
            • Dimitri Aivaliotis
              ... It looks like this is a default connection to localhost - does Postfix do that? Perhaps after querying ldap.conf? ... You don t need to postmap this
              Message 6 of 19 , Mar 30, 2006
              • 0 Attachment
                On 3/30/06, donovan <donovan@...> wrote:

                > postmap: warning: dict_ldap_connect: Unable to bind to server ldap://
                > localhost:389 as : -1 (Can't contact LDAP server)
                >

                It looks like this is a default connection to localhost - does Postfix
                do that? Perhaps after querying ldap.conf?

                >
                > ldaptransport
                >
                > server_host = 10.135.1.10
                > search_base = dc=odm,dc=beth,dc=k12,dc=pa,dc=us
                > query_filter = (mail=%s)
                > result_attribute = mailHost
                > result_filter = smtp:[%s]
                >
                > Created with postmap ldaptransport
                >

                You don't need to 'postmap' this file. The 'ldap' map type reads a
                plain text file.

                > config_directory = /etc/postfix

                > transport_maps = ldap:ldaptransport

                I'd include the full path here. Does the file 'ldaptransport' exist
                in '/etc/postfix'? Then put

                transport_maps = ldap:/etc/postfix/ldaptransport

                - Dimitri
              • donovan
                ... smtp1:/etc/postfix root# postmap -v -q lukeskywalker@beth.k12.pa.us ldap:ldaptransport postmap: dict_ldap_open: Using LDAP source ldaptransport postmap:
                Message 7 of 19 , Mar 30, 2006
                • 0 Attachment

                  On Mar 30, 2006, at 9:58 AM, Victor Duchovni wrote:

                  On Thu, Mar 30, 2006 at 09:43:47AM -0500, donovan wrote:


                  so it's there but not reading the correct host info.

                  I have also tried;


                  server_host = ldap://odm.beth.k12.pa.us:389

                  search_base = dc=odm,dc=beth,dc=k12,dc=pa,dc=us

                  query_filter = (mail=%s)

                  result_attribute = mailHost

                  result_filter = smtp:[%s]

                  bind = no



                  Report output of "postmap -v -q key ldap:...". This will show which step

                  of the LDAP lookup failed. If this does not yield enough information,

                  consider add "debuglevel = 1" to the table definition.


                  smtp1:/etc/postfix root# postmap -v -q 'lukeskywalker@...' ldap:ldaptransport
                  postmap: dict_ldap_open: Using LDAP source ldaptransport
                  postmap: cfg_get_str: ldaptransport: server_host = localhost
                  postmap: cfg_get_int: ldaptransport: server_port = 389
                  postmap: cfg_get_int: ldaptransport: version = 2
                  postmap: dict_ldap_open: ldaptransport server_host URL is ldap://localhost:389
                  postmap: cfg_get_str: ldaptransport: scope = sub
                  postmap: cfg_get_str: ldaptransport: search_base =
                  postmap: cfg_get_str: ldaptransport: domain =
                  postmap: cfg_get_int: ldaptransport: timeout = 10
                  postmap: cfg_get_str: ldaptransport: query_filter = (mailacceptinggeneralid=%s)
                  postmap: cfg_get_str: ldaptransport: result_filter = %s
                  postmap: cfg_get_str: ldaptransport: result_attribute = maildrop
                  postmap: cfg_get_str: ldaptransport: special_result_attribute =
                  postmap: cfg_get_bool: ldaptransport: bind = on
                  postmap: cfg_get_str: ldaptransport: bind_dn =
                  postmap: cfg_get_str: ldaptransport: bind_pw =
                  postmap: cfg_get_bool: ldaptransport: cache = off
                  postmap: cfg_get_int: ldaptransport: cache_expiry = -1
                  postmap: cfg_get_int: ldaptransport: cache_size = -1
                  postmap: cfg_get_int: ldaptransport: recursion_limit = 1000
                  postmap: cfg_get_int: ldaptransport: expansion_limit = 0
                  postmap: cfg_get_int: ldaptransport: size_limit = 0
                  postmap: cfg_get_int: ldaptransport: dereference = 0
                  postmap: cfg_get_bool: ldaptransport: chase_referrals = off
                  postmap: cfg_get_bool: ldaptransport: start_tls = off
                  postmap: cfg_get_bool: ldaptransport: tls_require_cert = off
                  postmap: cfg_get_str: ldaptransport: tls_ca_cert_file =
                  postmap: cfg_get_str: ldaptransport: tls_ca_cert_dir =
                  postmap: cfg_get_str: ldaptransport: tls_cert =
                  postmap: cfg_get_str: ldaptransport: tls_key =
                  postmap: cfg_get_str: ldaptransport: tls_random_file =
                  postmap: cfg_get_str: ldaptransport: tls_cipher_suite =
                  postmap: cfg_get_int: ldaptransport: debuglevel = 0
                  postmap: dict_open: ldap:ldaptransport
                  postmap: dict_ldap_lookup: In dict_ldap_lookup
                  postmap: dict_ldap_lookup: No existing connection for LDAP source ldaptransport, reopening
                  postmap: dict_ldap_connect: Connecting to server ldap://localhost:389
                  postmap: dict_ldap_connect: Actual Protocol version used is 2.
                  postmap: dict_ldap_connect: Binding to server ldap://localhost:389 as dn
                  postmap: warning: dict_ldap_connect: Unable to bind to server ldap://localhost:389 as : -1 (Can't contact LDAP server)

                  right away it is wrong.
                  it should not read localhost. It's as if my transportmap is blank.
                  ?

                  --j
                • Victor Duchovni
                  ... Where are these settings? In main.cf? In a separate file called ldaptransport ? ... This syntax assumes main.cf settings of the form:
                  Message 8 of 19 , Mar 30, 2006
                  • 0 Attachment
                    On Thu, Mar 30, 2006 at 10:18:01AM -0500, donovan wrote:

                    >
                    > On Mar 30, 2006, at 9:58 AM, Victor Duchovni wrote:
                    >
                    > >On Thu, Mar 30, 2006 at 09:43:47AM -0500, donovan wrote:
                    > >
                    > >>so it's there but not reading the correct host info.
                    > >>I have also tried;

                    > >>server_host = ldap://odm.beth.k12.pa.us:389
                    > >>search_base = dc=odm,dc=beth,dc=k12,dc=pa,dc=us
                    > >>query_filter = (mail=%s)
                    > >>result_attribute = mailHost
                    > >>result_filter = smtp:[%s]
                    > >>bind = no

                    Where are these settings? In main.cf? In a separate file called
                    "ldaptransport"?

                    > >Report output of "postmap -v -q key ldap:...". This will show which
                    > >step
                    > >of the LDAP lookup failed. If this does not yield enough information,
                    > >consider add "debuglevel = 1" to the table definition.
                    >
                    > smtp1:/etc/postfix root# postmap -v -q 'lukeskywalker@...'
                    > ldap:ldaptransport

                    This syntax assumes main.cf settings of the form:

                    ldaptransport_server_host = ...
                    ldaptransport_search_base = ...
                    ldaptransport_query_filter = ...

                    For parameters in a file use: ldap:/etc/postfix/ldaptransport (the
                    presumed absolute pathname of the file) instead of ldap:ldaptransport.

                    > postmap: cfg_get_str: ldaptransport: server_host = localhost
                    > postmap: cfg_get_int: ldaptransport: server_port = 389
                    > postmap: cfg_get_int: ldaptransport: version = 2
                    > postmap: dict_ldap_open: ldaptransport server_host URL is ldap://localhost:389
                    > postmap: cfg_get_str: ldaptransport: scope = sub
                    > postmap: cfg_get_str: ldaptransport: search_base =
                    > postmap: cfg_get_str: ldaptransport: domain =
                    > postmap: cfg_get_int: ldaptransport: timeout = 10
                    > postmap: cfg_get_str: ldaptransport: query_filter = (mailacceptinggeneralid=%s)
                    > postmap: cfg_get_str: ldaptransport: result_filter = %s
                    > postmap: cfg_get_str: ldaptransport: result_attribute = maildrop

                    These are all default settings, clearly you don't have the corresponding
                    (prefixed with ldaptransport_) main.cf parameters.

                    > postmap: dict_ldap_lookup: No existing connection for LDAP source
                    > ldaptransport, reopening
                    > postmap: dict_ldap_connect: Connecting to server ldap://localhost:389
                    > postmap: dict_ldap_connect: Actual Protocol version used is 2.
                    > postmap: dict_ldap_connect: Binding to server ldap://localhost:389 as dn
                    > postmap: warning: dict_ldap_connect: Unable to bind to server ldap://
                    > localhost:389 as : -1 (Can't contact LDAP server)
                    >
                    > right away it is wrong.
                    > it should not read localhost. It's as if my transportmap is blank.

                    There's your problem.

                    --
                    Viktor.

                    Disclaimer: off-list followups get on-list replies or get ignored.
                    Please do not ignore the "Reply-To" header.

                    To unsubscribe from the postfix-users list, visit
                    http://www.postfix.org/lists.html or click the link below:
                    <mailto:majordomo@...?body=unsubscribe%20postfix-users>

                    If my response solves your problem, the best way to thank me is to not
                    send an "it worked, thanks" follow-up. If you must respond, please put
                    "It worked, thanks" in the "Subject" so I can delete these quickly.
                  • donovan
                    ... separate file ldaptransport ... okay transport_maps = ldap:/etc/postfix/ldaptransport ... i see that ... working diligently to fix :) okay getting closer
                    Message 9 of 19 , Mar 30, 2006
                    • 0 Attachment
                      On Mar 30, 2006, at 10:39 AM, Victor Duchovni wrote:

                      > On Thu, Mar 30, 2006 at 10:18:01AM -0500, donovan wrote:
                      >
                      >>
                      >> On Mar 30, 2006, at 9:58 AM, Victor Duchovni wrote:
                      >>
                      >>> On Thu, Mar 30, 2006 at 09:43:47AM -0500, donovan wrote:
                      >>>
                      >>>> so it's there but not reading the correct host info.
                      >>>> I have also tried;
                      >
                      >>>> server_host = ldap://odm.beth.k12.pa.us:389
                      >>>> search_base = dc=odm,dc=beth,dc=k12,dc=pa,dc=us
                      >>>> query_filter = (mail=%s)
                      >>>> result_attribute = mailHost
                      >>>> result_filter = smtp:[%s]
                      >>>> bind = no
                      >
                      > Where are these settings? In main.cf? In a separate file called
                      > "ldaptransport"?

                      separate file
                      ldaptransport

                      >
                      >>> Report output of "postmap -v -q key ldap:...". This will show which
                      >>> step
                      >>> of the LDAP lookup failed. If this does not yield enough
                      >>> information,
                      >>> consider add "debuglevel = 1" to the table definition.
                      >>
                      >> smtp1:/etc/postfix root# postmap -v -q 'lukeskywalker@...'
                      >> ldap:ldaptransport
                      >
                      > This syntax assumes main.cf settings of the form:
                      >
                      > ldaptransport_server_host = ...
                      > ldaptransport_search_base = ...
                      > ldaptransport_query_filter = ...
                      >
                      > For parameters in a file use: ldap:/etc/postfix/ldaptransport (the
                      > presumed absolute pathname of the file) instead of ldap:ldaptransport.
                      >

                      okay
                      transport_maps = ldap:/etc/postfix/ldaptransport

                      >> postmap: cfg_get_str: ldaptransport: server_host = localhost
                      >> postmap: cfg_get_int: ldaptransport: server_port = 389
                      >> postmap: cfg_get_int: ldaptransport: version = 2
                      >> postmap: dict_ldap_open: ldaptransport server_host URL is ldap://
                      >> localhost:389
                      >> postmap: cfg_get_str: ldaptransport: scope = sub
                      >> postmap: cfg_get_str: ldaptransport: search_base =
                      >> postmap: cfg_get_str: ldaptransport: domain =
                      >> postmap: cfg_get_int: ldaptransport: timeout = 10
                      >> postmap: cfg_get_str: ldaptransport: query_filter =
                      >> (mailacceptinggeneralid=%s)
                      >> postmap: cfg_get_str: ldaptransport: result_filter = %s
                      >> postmap: cfg_get_str: ldaptransport: result_attribute = maildrop
                      >
                      > These are all default settings, clearly you don't have the
                      > corresponding
                      > (prefixed with ldaptransport_) main.cf parameters.
                      i see that
                      >
                      >> postmap: dict_ldap_lookup: No existing connection for LDAP source
                      >> ldaptransport, reopening
                      >> postmap: dict_ldap_connect: Connecting to server ldap://localhost:389
                      >> postmap: dict_ldap_connect: Actual Protocol version used is 2.
                      >> postmap: dict_ldap_connect: Binding to server ldap://localhost:389
                      >> as dn
                      >> postmap: warning: dict_ldap_connect: Unable to bind to server ldap://
                      >> localhost:389 as : -1 (Can't contact LDAP server)
                      >>
                      >> right away it is wrong.
                      >> it should not read localhost. It's as if my transportmap is blank.
                      >
                      > There's your problem.

                      working diligently to fix :)


                      okay getting closer
                      smtp1:/etc/postfix root# postmap -v -q 'lukeskywalker@...'
                      ldap:/etc/postfix/ldaptransport
                      postmap: dict_ldap_open: Using LDAP source /etc/postfix/ldaptransport
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: server_host =
                      10.135.1.10
                      postmap: cfg_get_int: /etc/postfix/ldaptransport: server_port = 389
                      postmap: cfg_get_int: /etc/postfix/ldaptransport: version = 2
                      postmap: dict_ldap_open: /etc/postfix/ldaptransport server_host URL
                      is ldap://10.135.1.10:389
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: scope = sub
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: search_base =
                      dc=odm,dc=beth,dc=k12,dc=pa,dc=us
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: domain =
                      postmap: cfg_get_int: /etc/postfix/ldaptransport: timeout = 10
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: query_filter =
                      (mail=%s)
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: result_filter =
                      smtp:[%s]
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: result_attribute =
                      mailHost
                      postmap: cfg_get_str: /etc/postfix/ldaptransport:
                      special_result_attribute =
                      postmap: cfg_get_bool: /etc/postfix/ldaptransport: bind = off
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: bind_dn =
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: bind_pw =
                      postmap: cfg_get_bool: /etc/postfix/ldaptransport: cache = off
                      postmap: cfg_get_int: /etc/postfix/ldaptransport: cache_expiry = -1
                      postmap: cfg_get_int: /etc/postfix/ldaptransport: cache_size = -1
                      postmap: cfg_get_int: /etc/postfix/ldaptransport: recursion_limit = 1000
                      postmap: cfg_get_int: /etc/postfix/ldaptransport: expansion_limit = 0
                      postmap: cfg_get_int: /etc/postfix/ldaptransport: size_limit = 0
                      postmap: cfg_get_int: /etc/postfix/ldaptransport: dereference = 0
                      postmap: cfg_get_bool: /etc/postfix/ldaptransport: chase_referrals = off
                      postmap: cfg_get_bool: /etc/postfix/ldaptransport: start_tls = off
                      postmap: cfg_get_bool: /etc/postfix/ldaptransport: tls_require_cert =
                      off
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: tls_ca_cert_file =
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: tls_ca_cert_dir =
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: tls_cert =
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: tls_key =
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: tls_random_file =
                      postmap: cfg_get_str: /etc/postfix/ldaptransport: tls_cipher_suite =
                      postmap: cfg_get_int: /etc/postfix/ldaptransport: debuglevel = 0
                      postmap: dict_open: ldap:/etc/postfix/ldaptransport
                      postmap: dict_ldap_lookup: In dict_ldap_lookup
                      postmap: dict_ldap_lookup: No existing connection for LDAP source /
                      etc/postfix/ldaptransport, reopening
                      postmap: dict_ldap_connect: Connecting to server ldap://10.135.1.10:389
                      postmap: dict_ldap_connect: Actual Protocol version used is 2.
                      postmap: dict_ldap_connect: Cached connection handle for LDAP source /
                      etc/postfix/ldaptransport
                      postmap: dict_ldap_lookup: Searching with filter
                      (mail=lukeskywalker@...)
                      postmap: dict_ldap_get_values[1]: Search found 1 match(es)
                      postmap: dict_ldap_get_values[1]: search returned 1 value(s) for
                      requested result attribute mailHost
                      postmap: dict_ldap_get_values[1]: Leaving dict_ldap_get_values
                      postmap: dict_ldap_lookup: Search returned smtp:[imap1.beth.k12.pa.us]
                      smtp:[imap1.beth.k12.pa.us]
                      postmap: dict_ldap_close: Closed connection handle for LDAP source /
                      etc/postfix/ldaptransport


                      Ta DA!

                      you the man vic

                      Mar 30 10:56:43 smtp1 postfix/qmgr[6052]: 040C467340: removed
                      Mar 30 10:58:07 smtp1 postfix/smtpd[6077]: connect from
                      nc1-4.beth.k12.pa.us[10.135.1.4]
                      Mar 30 10:58:07 smtp1 postfix/smtpd[6077]: 80FFA67342:
                      client=nc1-4.beth.k12.pa.us[10.135.1.4]
                      Mar 30 10:58:07 smtp1 postfix/cleanup[6080]: 80FFA67342: message-
                      id=<442BFFDC.9050708@...>
                      Mar 30 10:58:07 smtp1 postfix/qmgr[6052]: 80FFA67342:
                      from=<holmersimpson@...>, size=592, nrcpt=1 (queue active)
                      Mar 30 10:58:07 smtp1 postfix/smtpd[6077]: disconnect from
                      nc1-4.beth.k12.pa.us[10.135.1.4]
                      Mar 30 10:58:07 smtp1 postfix/smtp[6081]: 80FFA67342:
                      to=<lukeskywalker@...>, relay=imap1.beth.k12.pa.us
                      [10.135.1.5], delay=0, status=sent (250 Ok: queued as 78ABE61D02)
                      Mar 30 10:58:07 smtp1 postfix/qmgr[6052]: 80FFA67342: removed

                      thank you sir.

                      --jeff
                    • Arya, Manish Kumar
                      Hi People, Is there someway to - Limit number of concurrent SMTP connections to postfix box from IP/Network. for eg from one IP/network it cant connect more
                      Message 10 of 19 , Mar 31, 2006
                      • 0 Attachment
                        Hi People,

                        Is there someway to

                        - Limit number of concurrent SMTP connections to
                        postfix box from IP/Network. for eg from one
                        IP/network it cant connect more than 5 connections.

                        - Limit TOTAL number of concurrent SMTP connections to
                        postfix box. for eg postfix box not accepts more than
                        100 concurrent connections in total.

                        I know this can be done by xinetd or some other
                        avaiable, but is it possible to have this config in
                        postfix itself ?

                        -Manish

                        __________________________________________________
                        Do You Yahoo!?
                        Tired of spam? Yahoo! Mail has the best spam protection around
                        http://mail.yahoo.com
                      • Ralf Hildebrandt
                        ... man 5 anvil -- Ralf Hildebrandt (Ralf.Hildebrandt@charite.de) spamtrap@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49
                        Message 11 of 19 , Mar 31, 2006
                        • 0 Attachment
                          * Arya, Manish Kumar <m.arya@...>:
                          > Hi People,
                          >
                          > Is there someway to
                          >
                          > - Limit number of concurrent SMTP connections to
                          > postfix box from IP/Network. for eg from one
                          > IP/network it cant connect more than 5 connections.
                          >
                          > - Limit TOTAL number of concurrent SMTP connections to
                          > postfix box. for eg postfix box not accepts more than
                          > 100 concurrent connections in total.

                          man 5 anvil

                          --
                          Ralf Hildebrandt (Ralf.Hildebrandt@...) spamtrap@...
                          Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
                          http://www.postfix-buch.com
                          Recipient user name postmaster (postmaster@...) not unique.
                          Several matches found in Domino Directory.
                          Oder auch: Viele Postmaster verderben den Server!
                        • Arya, Manish Kumar
                          ... is there something simple :-/ -manish ... __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam
                          Message 12 of 19 , Mar 31, 2006
                          • 0 Attachment
                            > man 5 anvil

                            is there something simple :-/

                            -manish

                            --- Ralf Hildebrandt <Ralf.Hildebrandt@...>
                            wrote:

                            > * Arya, Manish Kumar <m.arya@...>:
                            > > Hi People,
                            > >
                            > > Is there someway to
                            > >
                            > > - Limit number of concurrent SMTP connections to
                            > > postfix box from IP/Network. for eg from one
                            > > IP/network it cant connect more than 5
                            > connections.
                            > >
                            > > - Limit TOTAL number of concurrent SMTP
                            > connections to
                            > > postfix box. for eg postfix box not accepts more
                            > than
                            > > 100 concurrent connections in total.
                            >
                            > man 5 anvil
                            >
                            > --
                            > Ralf Hildebrandt (Ralf.Hildebrandt@...)
                            > spamtrap@...
                            > Postfix - Einrichtung, Betrieb und Wartung
                            > Tel. +49 (0)30-450 570-155
                            > http://www.postfix-buch.com
                            > Recipient user name postmaster
                            > (postmaster@...) not unique.
                            > Several matches found in Domino Directory.
                            > Oder auch: Viele Postmaster verderben den Server!
                            >


                            __________________________________________________
                            Do You Yahoo!?
                            Tired of spam? Yahoo! Mail has the best spam protection around
                            http://mail.yahoo.com
                          • Ralf Hildebrandt
                            ... It IS simple -- Ralf Hildebrandt (Ralf.Hildebrandt@charite.de) spamtrap@charite.de Postfix - Einrichtung, Betrieb und Wartung Tel. +49
                            Message 13 of 19 , Mar 31, 2006
                            • 0 Attachment
                              * Arya, Manish Kumar <m.arya@...>:
                              > > man 5 anvil
                              >
                              > is there something simple :-/

                              It IS simple

                              --
                              Ralf Hildebrandt (Ralf.Hildebrandt@...) spamtrap@...
                              Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
                              http://www.postfix-buch.com
                              Got a light?
                              Typical unix response: Got: No match.
                            • Arya, Manish Kumar
                              Hi Ralf, can you give me some sample config for anvil or some links. man page has limited explanation. Regards, -Manish ...
                              Message 14 of 19 , Mar 31, 2006
                              • 0 Attachment
                                Hi Ralf,

                                can you give me some sample config for anvil or
                                some links. man page has limited explanation.

                                Regards,
                                -Manish

                                --- Ralf Hildebrandt <Ralf.Hildebrandt@...>
                                wrote:

                                > * Arya, Manish Kumar <m.arya@...>:
                                > > > man 5 anvil
                                > >
                                > > is there something simple :-/
                                >
                                > It IS simple
                                >
                                > --
                                > Ralf Hildebrandt (Ralf.Hildebrandt@...)
                                > spamtrap@...
                                > Postfix - Einrichtung, Betrieb und Wartung
                                > Tel. +49 (0)30-450 570-155
                                > http://www.postfix-buch.com
                                > Got a light?
                                > Typical unix response: Got: No match.
                                >


                                __________________________________________________
                                Do You Yahoo!?
                                Tired of spam? Yahoo! Mail has the best spam protection around
                                http://mail.yahoo.com
                              • Ralf Hildebrandt
                                ... http://www.postfix.org/TUNING_README.html#conn_limit -- Ralf Hildebrandt (Ralf.Hildebrandt@charite.de) spamtrap@charite.de Postfix - Einrichtung,
                                Message 15 of 19 , Mar 31, 2006
                                • 0 Attachment
                                  * Arya, Manish Kumar <m.arya@...>:
                                  > Hi Ralf,
                                  >
                                  > can you give me some sample config for anvil or
                                  > some links. man page has limited explanation.

                                  http://www.postfix.org/TUNING_README.html#conn_limit

                                  --
                                  Ralf Hildebrandt (Ralf.Hildebrandt@...) spamtrap@...
                                  Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
                                  http://www.postfix-buch.com
                                  A distributed system is one in which the failure of a computer you
                                  didn't even know existed can render your own computer unusable.
                                • Wietse Venema
                                  ... http://www.postfix.org/postconf.5.html#smtpd_client_connection_count_limit ... http://www.postfix.org/master.5.html ... Of course. Wietse
                                  Message 16 of 19 , Mar 31, 2006
                                  • 0 Attachment
                                    Arya, Manish Kumar:
                                    > Hi People,
                                    >
                                    > Is there someway to
                                    >
                                    > - Limit number of concurrent SMTP connections to
                                    > postfix box from IP/Network. for eg from one
                                    > IP/network it cant connect more than 5 connections.

                                    http://www.postfix.org/postconf.5.html#smtpd_client_connection_count_limit

                                    > - Limit TOTAL number of concurrent SMTP connections to
                                    > postfix box. for eg postfix box not accepts more than
                                    > 100 concurrent connections in total.

                                    http://www.postfix.org/master.5.html

                                    > I know this can be done by xinetd or some other
                                    > avaiable, but is it possible to have this config in
                                    > postfix itself ?

                                    Of course.

                                    Wietse
                                  • Arya, Manish Kumar
                                    Hi, I want to configure postfix for MX backup for some domains. I mean if some remote SMTP server is down then its mails should be queued up in my postfix box
                                    Message 17 of 19 , Apr 2, 2006
                                    • 0 Attachment
                                      Hi,

                                      I want to configure postfix for MX backup for some
                                      domains. I mean if some remote SMTP server is down
                                      then its mails should be queued up in my postfix box
                                      for certain time(say 1 week) and as soon as remote
                                      SMTP comes up my postfix box should start delivering
                                      mails through remote SMTP.

                                      what are the parameters for configuing

                                      -list of domains for backup MX (is it relay_domains ?
                                      http://www.postfix.org/STANDARD_CONFIGURATION_README.html#backup)
                                      -MX queue lifetime

                                      Regards,
                                      -Manish



                                      __________________________________________________
                                      Do You Yahoo!?
                                      Tired of spam? Yahoo! Mail has the best spam protection around
                                      http://mail.yahoo.com
                                    • Arya, Manish Kumar
                                      Thanks guys, it works smtpd_client_connection_count_limit = 10 smtpd_client_event_limit_exceptions = but I am able to this for single IP. is there someway to
                                      Message 18 of 19 , Apr 2, 2006
                                      • 0 Attachment
                                        Thanks guys, it works

                                        smtpd_client_connection_count_limit = 10
                                        smtpd_client_event_limit_exceptions =

                                        but I am able to this for single IP. is there someway
                                        to do this for whole network?

                                        Regards,
                                        -Manish


                                        --- Wietse Venema <wietse@...> wrote:

                                        > Arya, Manish Kumar:
                                        > > Hi People,
                                        > >
                                        > > Is there someway to
                                        > >
                                        > > - Limit number of concurrent SMTP connections to
                                        > > postfix box from IP/Network. for eg from one
                                        > > IP/network it cant connect more than 5
                                        > connections.
                                        >
                                        >
                                        http://www.postfix.org/postconf.5.html#smtpd_client_connection_count_limit
                                        >
                                        > > - Limit TOTAL number of concurrent SMTP
                                        > connections to
                                        > > postfix box. for eg postfix box not accepts more
                                        > than
                                        > > 100 concurrent connections in total.
                                        >
                                        > http://www.postfix.org/master.5.html
                                        >
                                        > > I know this can be done by xinetd or some other
                                        > > avaiable, but is it possible to have this config
                                        > in
                                        > > postfix itself ?
                                        >
                                        > Of course.
                                        >
                                        > Wietse
                                        >


                                        __________________________________________________
                                        Do You Yahoo!?
                                        Tired of spam? Yahoo! Mail has the best spam protection around
                                        http://mail.yahoo.com
                                      • Elijah Savage
                                        ... I do not understand what you mean for a whole network or single ip. This is set globally. What I mean by that is no matter where you connect from those
                                        Message 19 of 19 , Apr 3, 2006
                                        • 0 Attachment
                                          Arya, Manish Kumar wrote:
                                          > Thanks guys, it works
                                          >
                                          > smtpd_client_connection_count_limit = 10
                                          > smtpd_client_event_limit_exceptions =
                                          >
                                          > but I am able to this for single IP. is there someway
                                          > to do this for whole network?
                                          >
                                          > Regards,
                                          > -Manish

                                          I do not understand what you mean for a whole network or single ip. This
                                          is set globally. What I mean by that is no matter where you connect from
                                          those connections would be made to follow those rules so it is set for
                                          the entire network.

                                          Like I said above everyone would be made to follow such rules. With the
                                          smtp_client_event_limit_exceptions = being blank this would even pertain
                                          to customers in your local lan also, it could be a good idea to include
                                          $mynetworks at least or .example.com as your domain.

                                          You have not given a real good scenario of what you are trying to
                                          accomplish and why you want to do such but also keep in mind
                                          smtpd_connection_rate_time_unit default is set to 60 seconds, meaning
                                          with your setting one client would be able to connect a maximum of 10
                                          times in one minute.


                                          --
                                          ----------------------------------------------------------------------
                                          Elijah Savage | AOL IM:layer3rules
                                          Senior Network Engineer | When it has to be switched or routed.
                                          http://www.digitalrage.org | The Information Technology News Center
                                          ----- http://www.digitalrage.org/?page_id=46 for pgp public key--------
                                        Your message has been successfully submitted and would be delivered to recipients shortly.