Loading ...
Sorry, an error occurred while loading the content.
 

smtp_fallback_relay

Expand Messages
  • Zbigniew Szalbot
    Hello, I would like to be able to configure my instance of postfix so that messages to domains I have trouble reaching from my DSL line, would be relayed
    Message 1 of 17 , Mar 29, 2008
      Hello,

      I would like to be able to configure my instance of postfix so that
      messages to domains I have trouble reaching from my DSL line, would be
      relayed through my ISP's mail server.

      How can I configure postifx to be an smtp client for these domains? I
      have these domains in a flat file where each domain is on a new line.

      I have read
      http://www.postfix.org/postconf.5.html#smtp_fallback_relay
      but I am not sure how to implement it or if it is the function I need for this.

      Many thanks for your help!

      --
      Zbigniew Szalbot
    • Wietse Venema
      ... Are you having trouble SENDING mail or RECEIVING mail? Wietse
      Message 2 of 17 , Mar 29, 2008
        Zbigniew Szalbot:
        > Hello,
        >
        > I would like to be able to configure my instance of postfix so that
        > messages to domains I have trouble reaching from my DSL line, would be
        > relayed through my ISP's mail server.

        Are you having trouble SENDING mail or RECEIVING mail?

        Wietse

        > How can I configure postifx to be an smtp client for these domains? I
        > have these domains in a flat file where each domain is on a new line.
        >
        > I have read
        > http://www.postfix.org/postconf.5.html#smtp_fallback_relay
        > but I am not sure how to implement it or if it is the function I need for this.
        >
        > Many thanks for your help!
        >
        > --
        > Zbigniew Szalbot
        >
        >
      • Xavier Romero
        ... Guessing that you have a postfix server for outgoing mail and you are experiencing problems reaching yahoo.com you just set on your /etc/postfix/transport
        Message 3 of 17 , Mar 29, 2008
          > Hello,
          >
          > I would like to be able to configure my instance of postfix so that
          > messages to domains I have trouble reaching from my DSL line, would be
          > relayed through my ISP's mail server.
          >
          > How can I configure postifx to be an smtp client for these domains? I
          > have these domains in a flat file where each domain is on a new line.
          >
          > I have read
          > http://www.postfix.org/postconf.5.html#smtp_fallback_relay
          > but I am not sure how to implement it or if it is the function I need for
          > this.
          >

          Guessing that you have a postfix server for outgoing mail and you are experiencing problems reaching yahoo.com you just set on your /etc/postfix/transport

          yahoo.com :[smarthost.isp.com]

          and then you 'compile' it

          postmap /etc/postfix/transport

          Xavier Romero.
        • Zbigniew Szalbot
          Hello, ... Sorry - having trouble sending. IP ranges of our national DSL line operator are often blocked by default. This is why I would like to configure
          Message 4 of 17 , Mar 29, 2008
            Hello,

            > > I would like to be able to configure my instance of postfix so that
            > > messages to domains I have trouble reaching from my DSL line, would be
            > > relayed through my ISP's mail server.
            >
            >
            > Are you having trouble SENDING mail or RECEIVING mail?

            Sorry - having trouble sending. IP ranges of our national DSL line
            operator are often blocked by default. This is why I would like to
            configure postfix to deliver to some domains via smarthost until we
            move to another ISP. Thanks!


            --
            Zbigniew Szalbot
          • Zbigniew Szalbot
            Hi there, ... Thanks! This works but I need to authenticate with my ISP smarthost. I ve read http://www.postfix.org/SASL_README.html#client_sasl but it is not
            Message 5 of 17 , Mar 29, 2008
              Hi there,

              > Guessing that you have a postfix server for outgoing mail and you are experiencing problems reaching yahoo.com you just set on your /etc/postfix/transport
              >
              > yahoo.com :[smarthost.isp.com]
              >
              > and then you 'compile' it
              >
              > postmap /etc/postfix/transport

              Thanks! This works but I need to authenticate with my ISP smarthost.
              I've read http://www.postfix.org/SASL_README.html#client_sasl
              but it is not clear to me how the transport information should be
              connected with the authentication mechanism. In other words, how to
              authenticate with my isp's smarthost? Beg your patience with me!
              Thanks!


              --
              Zbigniew Szalbot
            • Wietse Venema
              ... In that case, /etc/postfix/main.cf: smtp_fallback_relay=[mail.isp.com] will be used only for SMTP destinations that can t be found or that are unreachable.
              Message 6 of 17 , Mar 29, 2008
                Zbigniew Szalbot:
                > Hello,
                >
                > > > I would like to be able to configure my instance of postfix so that
                > > > messages to domains I have trouble reaching from my DSL line, would be
                > > > relayed through my ISP's mail server.
                > >
                > >
                > > Are you having trouble SENDING mail or RECEIVING mail?
                >
                > Sorry - having trouble sending. IP ranges of our national DSL line
                > operator are often blocked by default. This is why I would like to
                > configure postfix to deliver to some domains via smarthost until we
                > move to another ISP. Thanks!

                In that case,

                /etc/postfix/main.cf:
                smtp_fallback_relay=[mail.isp.com]

                will be used only for SMTP destinations that can't be found or that
                are unreachable. However, it is not a good solution with remote sites
                that accept your mail and then throw it away.

                For those sites, the suggestion to use a transport map is better:

                /etc/postfix/main.cf:
                transport_maps = hash:/etc/postfix/transport

                /etc/postfix/transport:
                yahoo.com smtp:[mail.isp.com]

                Use "postmap /etc/postfix/transport" whenever you update the file.

                The [] forces Postfix to not do DNS lookups of MX records.

                Wietse
              • Wietse Venema
                ... Configure smtp_sasl_password_maps with your ISP s mailhost name and your password. http://www.postfix.org/SASL_README.html#client_sasl Wietse
                Message 7 of 17 , Mar 29, 2008
                  Zbigniew Szalbot:
                  > Hi there,
                  >
                  > > Guessing that you have a postfix server for outgoing mail and you are experiencing problems reaching yahoo.com you just set on your /etc/postfix/transport
                  > >
                  > > yahoo.com :[smarthost.isp.com]
                  > >
                  > > and then you 'compile' it
                  > >
                  > > postmap /etc/postfix/transport
                  >
                  > Thanks! This works but I need to authenticate with my ISP smarthost.
                  > I've read http://www.postfix.org/SASL_README.html#client_sasl
                  > but it is not clear to me how the transport information should be
                  > connected with the authentication mechanism. In other words, how to
                  > authenticate with my isp's smarthost? Beg your patience with me!

                  Configure smtp_sasl_password_maps with your ISP's mailhost name
                  and your password.

                  http://www.postfix.org/SASL_README.html#client_sasl

                  Wietse
                • Zbigniew Szalbot
                  ... Right - I think I need some more help... 1/ main.cf: # client smtp authentication smtp_sasl_auth_enable = yes # smtp_sasl_security_options = noanonymous
                  Message 8 of 17 , Apr 1, 2008
                    2008/3/30, Wietse Venema <wietse@...>:
                    > Zbigniew Szalbot:
                    >
                    > > Hi there,
                    > >
                    > > > Guessing that you have a postfix server for outgoing mail and you are experiencing problems reaching yahoo.com you just set on your /etc/postfix/transport
                    > > >
                    > > > yahoo.com :[smarthost.isp.com]
                    > > >
                    > > > and then you 'compile' it
                    > > >
                    > > > postmap /etc/postfix/transport
                    > >
                    > > Thanks! This works but I need to authenticate with my ISP smarthost.
                    > > I've read http://www.postfix.org/SASL_README.html#client_sasl
                    > > but it is not clear to me how the transport information should be
                    > > connected with the authentication mechanism. In other words, how to
                    > > authenticate with my isp's smarthost? Beg your patience with me!
                    >
                    >
                    > Configure smtp_sasl_password_maps with your ISP's mailhost name
                    > and your password.
                    >
                    >
                    > http://www.postfix.org/SASL_README.html#client_sasl

                    Right - I think I need some more help...

                    1/ main.cf:
                    # client smtp authentication
                    smtp_sasl_auth_enable = yes
                    # smtp_sasl_security_options = noanonymous
                    smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_passwd
                    smtp_sasl_type = cyrus
                    relayhost = [my.isp.com]

                    2/ transport map:
                    yahoo.com :[my.isp.com]

                    3/ sasl_passwd:
                    [my.isp.com] user:passwd

                    Transport map is ok as I am hammering the right mail server but I am
                    not authenticating myself with the remote postfix mail server:

                    Apr 1 14:14:30 szalbot postfix/smtp[28449]: 92D852844D:
                    to=<someone@...>, relay=slowo.pl[85.14.85.15]:25, delay=0.47,
                    delays=0.15/0.09/0.1/0.12, dsn=5.7.1, status=bounced (host
                    slowo.pl[85.14.85.15] said: 554 5.7.1 <someone@...>: Relay
                    access denied (in reply to RCPT TO command))
                    Apr 1 14:14:30 szalbot postfix/cleanup[28441]: 2191728454:
                    message-id=<20080401121430.2191728454@...-words.com>
                    Apr 1 14:14:30 szalbot postfix/bounce[28451]: 92D852844D: sender
                    non-delivery notification: 2191728454
                    Apr 1 14:14:30 szalbot postfix/qmgr[28420]: 2191728454: from=<>,
                    size=3037, nrcpt=1 (queue active)
                    Apr 1 14:14:30 szalbot postfix/qmgr[28420]: 92D852844D: removed

                    Any hint what I am doing wrong will be greatly appreciated! Many, many thanks!


                    --
                    Zbigniew Szalbot
                  • Victor Duchovni
                    ... Don t cut/paste from main.cf, show postconf -n output. ... Don t cut/paste from the transport table, show postmap -q output. ... Don t cut/paste from
                    Message 9 of 17 , Apr 1, 2008
                      On Tue, Apr 01, 2008 at 02:22:15PM +0200, Zbigniew Szalbot wrote:

                      >
                      > 1/ main.cf:
                      > # client smtp authentication
                      > smtp_sasl_auth_enable = yes
                      > # smtp_sasl_security_options = noanonymous
                      > smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_passwd
                      > smtp_sasl_type = cyrus
                      > relayhost = [my.isp.com]

                      Don't cut/paste from main.cf, show "postconf -n" output.

                      > 2/ transport map:
                      > yahoo.com :[my.isp.com]

                      Don't cut/paste from the transport table, show "postmap -q" output.

                      > 3/ sasl_passwd:
                      > [my.isp.com] user:passwd

                      Don't cut/paste from the sasl password table, show "postmap -q" output.

                      > Apr 1 14:14:30 szalbot postfix/smtp[28449]: 92D852844D:
                      > to=<someone@...>, relay=slowo.pl[85.14.85.15]:25, delay=0.47,
                      > delays=0.15/0.09/0.1/0.12, dsn=5.7.1, status=bounced (host
                      > slowo.pl[85.14.85.15] said: 554 5.7.1 <someone@...>: Relay
                      > access denied (in reply to RCPT TO command))

                      This host is not allowing relay access, that does not prove that you
                      did not authenticate. You may need to set "debug_peer_list" and examine
                      the detailed protocol trace to see what actually happens.

                      The ISP relay appears to be running Postfix, and to offer SASL auth.

                      250-max.cyfronet.com
                      250-PIPELINING
                      250-SIZE 51200000
                      250-ETRN
                      250-AUTH PLAIN LOGIN
                      250-AUTH=PLAIN LOGIN
                      250-ENHANCEDSTATUSCODES
                      250-8BITMIME
                      250 DSN

                      --
                      Viktor.

                      Disclaimer: off-list followups get on-list replies or get ignored.
                      Please do not ignore the "Reply-To" header.

                      To unsubscribe from the postfix-users list, visit
                      http://www.postfix.org/lists.html or click the link below:
                      <mailto:majordomo@...?body=unsubscribe%20postfix-users>

                      If my response solves your problem, the best way to thank me is to not
                      send an "it worked, thanks" follow-up. If you must respond, please put
                      "It worked, thanks" in the "Subject" so I can delete these quickly.
                    • Zbigniew Szalbot
                      hi there, Sorry for snippets instead of full information! ... broken_sasl_auth_clients = yes command_directory = /usr/local/sbin config_directory =
                      Message 10 of 17 , Apr 1, 2008
                        hi there,

                        Sorry for snippets instead of full information!

                        > Don't cut/paste from main.cf, show "postconf -n" output.
                        broken_sasl_auth_clients = yes
                        command_directory = /usr/local/sbin
                        config_directory = /usr/local/etc/postfix
                        content_filter = smtp-amavis:[127.0.0.1]:10024
                        daemon_directory = /usr/local/libexec/postfix
                        data_directory = /var/db/postfix
                        debug_peer_level = 2
                        html_directory = no
                        mail_owner = postfix
                        mailq_path = /usr/local/bin/mailq
                        manpage_directory = /usr/local/man
                        mydomain = lists.lc-words.com
                        myhostname = lists.lc-words.com
                        mynetworks_style = host
                        newaliases_path = /usr/local/bin/newaliases
                        queue_directory = /var/spool/postfix
                        readme_directory = no smtp_sasl_auth_enable = yes
                        smtp_sasl_security_options = noanonymous smtp_sasl_password_maps =
                        hash:/usr/local/etc/postfix/sasl_passwd relayhost = [slowo.pl]
                        relay_domains =
                        proxy:mysql:/usr/local/etc/postfix/mysql_relay_domains_maps.cf
                        mailman.szalbot.homedns.org
                        sample_directory = /usr/local/etc/postfix
                        sendmail_path = /usr/local/sbin/sendmail
                        setgid_group = maildrop
                        smtp_tls_note_starttls_offer = yes
                        smtp_use_tls = yes
                        smtpd_recipient_restrictions = permit_mynetworks,
                        permit_sasl_authenticated, reject_non_fqdn_hostname,
                        reject_non_fqdn_sender, reject_non_fqdn_recipient,
                        reject_unauth_destination, reject_unauth_pipelining,
                        reject_invalid_hostname, reject_rbl_client zen.spamhaus.org
                        smtpd_sasl_auth_enable = yes
                        smtpd_sasl_authenticated_header = yes
                        smtpd_sasl_local_domain = $myhostname
                        smtpd_sasl_path = private/auth
                        smtpd_sasl_security_options = noanonymous
                        smtpd_sasl_type = dovecot
                        smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
                        smtpd_tls_CAfile = /etc/ssl/postfix/smtpd.pem
                        smtpd_tls_cert_file = /etc/ssl/postfix/smtpd.pem
                        smtpd_tls_key_file = /etc/ssl/postfix/smtpd.pem
                        smtpd_tls_loglevel = 0
                        smtpd_tls_received_header = yes
                        smtpd_tls_session_cache_timeout = 3600s
                        smtpd_use_tls = yes
                        soft_bounce = no
                        tls_random_source = dev:/dev/urandom
                        transport_maps = hash:/usr/local/etc/postfix/transport
                        unknown_local_recipient_reject_code = 550
                        virtual_alias_maps =
                        proxy:mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
                        virtual_mailbox_domains =
                        proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
                        virtual_mailbox_maps =
                        proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
                        virtual_transport = virtual

                        > Don't cut/paste from the transport table, show "postmap -q" output.
                        postmap -q
                        postmap: option requires an argument -- q
                        postmap: fatal: usage: postmap [-Nfinoprsvw] [-c config_dir] [-d key]
                        [-q key] [map_type:]file...

                        postmap -q yahoo.com
                        postmap: fatal: usage: postmap [-Nfinoprsvw] [-c config_dir] [-d key]
                        [-q key] [map_type:]file...
                        $ postmap -q yahoo.com /usr/local/etc/postfix/transport

                        I am not sure how to use postmap -q so here is the whole content of transport:
                        autoreply.szalbot.homedns.org vacation:
                        mailman.szalbot.homedns.org mailman:
                        yahoo.com :[slowo.pl]


                        > Don't cut/paste from the sasl password table, show "postmap -q" output.
                        $ cat sasl_passwd
                        [slowo.pl] user:passwd


                        Thanks!

                        --
                        Zbigniew Szalbot
                      • Victor Duchovni
                        ... You let the mail client rewrap the output, not a good idea, but the result is still (just) parseable. ... Are you at all puzzled by this surprisingly long
                        Message 11 of 17 , Apr 1, 2008
                          On Tue, Apr 01, 2008 at 04:43:46PM +0200, Zbigniew Szalbot wrote:

                          > Sorry for snippets instead of full information!

                          You let the mail client rewrap the output, not a good idea, but the
                          result is still (just) parseable.

                          > [...]
                          > mydomain = lists.lc-words.com
                          > myhostname = lists.lc-words.com
                          > mynetworks_style = host
                          > newaliases_path = /usr/local/bin/newaliases
                          > queue_directory = /var/spool/postfix

                          > readme_directory = no smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_passwd relayhost = [slowo.pl]

                          Are you at all puzzled by this surprisingly long "readme_directory" setting?

                          > relay_domains = proxy:mysql:/usr/local/etc/postfix/mysql_relay_domains_maps.cf
                          > mailman.szalbot.homedns.org
                          > sample_directory = /usr/local/etc/postfix
                          > sendmail_path = /usr/local/sbin/sendmail
                          > setgid_group = maildrop

                          > smtp_tls_note_starttls_offer = yes
                          > smtp_use_tls = yes

                          And lack of any smtp_sasl_ settings?

                          > smtpd_recipient_restrictions = permit_mynetworks,
                          > permit_sasl_authenticated, reject_non_fqdn_hostname,
                          > reject_non_fqdn_sender, reject_non_fqdn_recipient,
                          > reject_unauth_destination, reject_unauth_pipelining,
                          > reject_invalid_hostname, reject_rbl_client zen.spamhaus.org
                          > ...

                          > > Don't cut/paste from the transport table, show "postmap -q" output.

                          > postmap -q
                          > postmap: option requires an argument -- q
                          > postmap: fatal: usage: postmap [-Nfinoprsvw] [-c config_dir] [-d key]
                          > [-q key] [map_type:]file...

                          The "postmap" command has a manual page. Please read it.

                          man postmap

                          > > Don't cut/paste from the sasl password table, show "postmap -q" output.
                          > $ cat sasl_passwd
                          > [slowo.pl] user:passwd

                          Show "postmap -q ..." output that demonstrates the entry is in the
                          indexed table built from the above source file.

                          --
                          Viktor.

                          Disclaimer: off-list followups get on-list replies or get ignored.
                          Please do not ignore the "Reply-To" header.

                          To unsubscribe from the postfix-users list, visit
                          http://www.postfix.org/lists.html or click the link below:
                          <mailto:majordomo@...?body=unsubscribe%20postfix-users>

                          If my response solves your problem, the best way to thank me is to not
                          send an "it worked, thanks" follow-up. If you must respond, please put
                          "It worked, thanks" in the "Subject" so I can delete these quickly.
                        • Zbigniew Szalbot
                          ... I believe I have now corrected these entries. Thank you. https://mail.google.com/mail/ Gmail - smtp_fallback_relay ... postconf -n broken_sasl_auth_clients
                          Message 12 of 17 , Apr 1, 2008
                            2008/4/1, Victor Duchovni <Victor.Duchovni@...>:
                            > On Tue, Apr 01, 2008 at 04:43:46PM +0200, Zbigniew Szalbot wrote:

                            > Are you at all puzzled by this surprisingly long "readme_directory" setting?
                            I believe I have now corrected these entries. Thank you.
                            https://mail.google.com/mail/
                            Gmail - smtp_fallback_relay
                            > > smtp_tls_note_starttls_offer = yes
                            > > smtp_use_tls = yes
                            >
                            > And lack of any smtp_sasl_ settings?

                            postconf -n
                            broken_sasl_auth_clients = yes
                            command_directory = /usr/local/sbin
                            config_directory = /usr/local/etc/postfix
                            content_filter = smtp-amavis:[127.0.0.1]:10024
                            daemon_directory = /usr/local/libexec/postfix
                            data_directory = /var/db/postfix
                            debug_peer_level = 2
                            html_directory = no
                            mail_owner = postfix
                            mailq_path = /usr/local/bin/mailq
                            manpage_directory = /usr/local/man
                            mydomain = lists.lc-words.com
                            myhostname = lists.lc-words.com
                            mynetworks_style = host
                            newaliases_path = /usr/local/bin/newaliases
                            queue_directory = /var/spool/postfix
                            readme_directory = no
                            relay_domains =
                            proxy:mysql:/usr/local/etc/postfix/mysql_relay_domains_maps.cf
                            mailman.szalbot.homedns.org
                            relayhost = [slowo.pl]
                            sample_directory = /usr/local/etc/postfix
                            sendmail_path = /usr/local/sbin/sendmail
                            setgid_group = maildrop
                            smtp_sasl_auth_enable = yes
                            smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_passwd
                            smtp_sasl_security_options = noanonymous
                            smtp_sasl_type = cyrus
                            smtp_tls_note_starttls_offer = yes
                            smtp_use_tls = yes
                            smtpd_recipient_restrictions = permit_mynetworks,
                            permit_sasl_authenticated, reject_non_fqdn_hostname,
                            reject_non_fqdn_sender, reject_non_fqdn_recipient,
                            reject_unauth_destination, reject_unauth_pipelining,
                            reject_invalid_hostname, reject_rbl_client zen.spamhaus.org
                            smtpd_sasl_auth_enable = yes
                            smtpd_sasl_authenticated_header = yes
                            smtpd_sasl_local_domain = $myhostname
                            smtpd_sasl_path = private/auth
                            smtpd_sasl_security_options = noanonymous
                            smtpd_sasl_type = dovecot
                            smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
                            smtpd_tls_CAfile = /etc/ssl/postfix/smtpd.pem
                            smtpd_tls_cert_file = /etc/ssl/postfix/smtpd.pem
                            smtpd_tls_key_file = /etc/ssl/postfix/smtpd.pem
                            smtpd_tls_loglevel = 0
                            smtpd_tls_received_header = yes
                            smtpd_tls_session_cache_timeout = 3600s
                            smtpd_use_tls = yes
                            soft_bounce = no
                            tls_random_source = dev:/dev/urandom
                            transport_maps = hash:/usr/local/etc/postfix/transport
                            unknown_local_recipient_reject_code = 550
                            virtual_alias_maps =
                            proxy:mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
                            virtual_mailbox_domains =
                            proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
                            virtual_mailbox_maps =
                            proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
                            virtual_transport = virtual

                            and yet when I reload:
                            Apr 1 18:11:05 szalbot postfix/smtp[33111]: warning: unsupported SASL
                            client implementation: cyrus
                            Apr 1 18:11:05 szalbot postfix/smtp[33111]: fatal: SASL library initialization

                            Does it mean I have to compile postifx with cyrus support (SASL2)? I
                            compiled it with dovecot but changing cyrus to dovecot still produces
                            an error about unsupported SASL client implementation.


                            > Show "postmap -q ..." output that demonstrates the entry is in the
                            > indexed table built from the above source file.
                            Ok. lesson learnt.

                            postmap -q "yahoo.com" /usr/local/etc/postfix/transport
                            :[slowo.pl]

                            postmap -q "[slowo.pl]" /usr/local/etc/postfix/sasl_passwd
                            user:password

                            Thanks for your patience with me!

                            --
                            Zbigniew Szalbot
                          • Zbigniew Szalbot
                            Hello - solved! :) Installing sasl2 solved the problem. Sorry for bothering the list. I think I have learnt something though :) Zbigniew Szalbot ... --
                            Message 13 of 17 , Apr 1, 2008
                              Hello - solved! :)

                              Installing sasl2 solved the problem. Sorry for bothering the list. I
                              think I have learnt something though :)

                              Zbigniew Szalbot

                              2008/4/1, Zbigniew Szalbot <zszalbot@...>:
                              > 2008/4/1, Victor Duchovni <Victor.Duchovni@...>:
                              >
                              > > On Tue, Apr 01, 2008 at 04:43:46PM +0200, Zbigniew Szalbot wrote:
                              >
                              >
                              > > Are you at all puzzled by this surprisingly long "readme_directory" setting?
                              >
                              > I believe I have now corrected these entries. Thank you.
                              > https://mail.google.com/mail/
                              > Gmail - smtp_fallback_relay
                              >
                              > > > smtp_tls_note_starttls_offer = yes
                              > > > smtp_use_tls = yes
                              > >
                              > > And lack of any smtp_sasl_ settings?
                              >
                              >
                              > postconf -n
                              >
                              > broken_sasl_auth_clients = yes
                              > command_directory = /usr/local/sbin
                              > config_directory = /usr/local/etc/postfix
                              > content_filter = smtp-amavis:[127.0.0.1]:10024
                              > daemon_directory = /usr/local/libexec/postfix
                              > data_directory = /var/db/postfix
                              > debug_peer_level = 2
                              > html_directory = no
                              > mail_owner = postfix
                              > mailq_path = /usr/local/bin/mailq
                              > manpage_directory = /usr/local/man
                              >
                              > mydomain = lists.lc-words.com
                              > myhostname = lists.lc-words.com
                              > mynetworks_style = host
                              > newaliases_path = /usr/local/bin/newaliases
                              > queue_directory = /var/spool/postfix
                              > readme_directory = no
                              >
                              > relay_domains =
                              > proxy:mysql:/usr/local/etc/postfix/mysql_relay_domains_maps.cf
                              > mailman.szalbot.homedns.org
                              >
                              > relayhost = [slowo.pl]
                              >
                              > sample_directory = /usr/local/etc/postfix
                              > sendmail_path = /usr/local/sbin/sendmail
                              > setgid_group = maildrop
                              >
                              > smtp_sasl_auth_enable = yes
                              >
                              > smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_passwd
                              > smtp_sasl_security_options = noanonymous
                              >
                              > smtp_sasl_type = cyrus
                              >
                              > smtp_tls_note_starttls_offer = yes
                              > smtp_use_tls = yes
                              >
                              > smtpd_recipient_restrictions = permit_mynetworks,
                              > permit_sasl_authenticated, reject_non_fqdn_hostname,
                              > reject_non_fqdn_sender, reject_non_fqdn_recipient,
                              > reject_unauth_destination, reject_unauth_pipelining,
                              > reject_invalid_hostname, reject_rbl_client zen.spamhaus.org
                              >
                              > smtpd_sasl_auth_enable = yes
                              > smtpd_sasl_authenticated_header = yes
                              > smtpd_sasl_local_domain = $myhostname
                              > smtpd_sasl_path = private/auth
                              > smtpd_sasl_security_options = noanonymous
                              > smtpd_sasl_type = dovecot
                              > smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
                              > smtpd_tls_CAfile = /etc/ssl/postfix/smtpd.pem
                              > smtpd_tls_cert_file = /etc/ssl/postfix/smtpd.pem
                              > smtpd_tls_key_file = /etc/ssl/postfix/smtpd.pem
                              > smtpd_tls_loglevel = 0
                              > smtpd_tls_received_header = yes
                              > smtpd_tls_session_cache_timeout = 3600s
                              > smtpd_use_tls = yes
                              > soft_bounce = no
                              > tls_random_source = dev:/dev/urandom
                              > transport_maps = hash:/usr/local/etc/postfix/transport
                              > unknown_local_recipient_reject_code = 550
                              > virtual_alias_maps =
                              > proxy:mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
                              > virtual_mailbox_domains =
                              > proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
                              > virtual_mailbox_maps =
                              > proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
                              > virtual_transport = virtual
                              >
                              >
                              > and yet when I reload:
                              > Apr 1 18:11:05 szalbot postfix/smtp[33111]: warning: unsupported SASL
                              > client implementation: cyrus
                              > Apr 1 18:11:05 szalbot postfix/smtp[33111]: fatal: SASL library initialization
                              >
                              > Does it mean I have to compile postifx with cyrus support (SASL2)? I
                              > compiled it with dovecot but changing cyrus to dovecot still produces
                              > an error about unsupported SASL client implementation.
                              >
                              >
                              >
                              > > Show "postmap -q ..." output that demonstrates the entry is in the
                              > > indexed table built from the above source file.
                              >
                              > Ok. lesson learnt.
                              >
                              >
                              > postmap -q "yahoo.com" /usr/local/etc/postfix/transport
                              >
                              > :[slowo.pl]
                              >
                              > postmap -q "[slowo.pl]" /usr/local/etc/postfix/sasl_passwd
                              > user:password
                              >
                              > Thanks for your patience with me!
                              >
                              > --
                              >
                              > Zbigniew Szalbot
                              >


                              --
                              Zbigniew Szalbot
                            • Ralf Hildebrandt
                              Currently, smtp_fallback_relay is being used after the first failed delivery. http://www.postfix.org/postconf.5.html#smtp_fallback_relay explicitly mentions:
                              Message 14 of 17 , Jun 13, 2013
                                Currently, smtp_fallback_relay is being used after the first failed
                                delivery.

                                http://www.postfix.org/postconf.5.html#smtp_fallback_relay
                                explicitly mentions: "With bulk email deliveries, it can be beneficial
                                to run the fallback relay MTA on the same host, so that it can reuse
                                the sender IP address. This speeds up deliveries that are delayed by
                                IP-based reputation systems (greylist, etc.)."

                                i thought this could be done easier, like:

                                Why not have either a smtp_fallback_relay_threshold
                                parameter, which specifies after how many delivery attempts the mail
                                will be passed to the smtp_fallback_relay.

                                It would have to default to 1 to be backwards compatible.

                                Alternative/additional approach:

                                smtp_fallback_relay_threshold_time (compare to
                                smtp_pix_workaround_threshold_time)

                                How long a message must be queued before the Postfix SMTP client
                                passes the mail to the smtp_fallback_relay.

                                No idea what an appropriate default would be...

                                --
                                [*] sys4 AG

                                http://sys4.de, +49 (89) 30 90 46 64
                                Franziskanerstraße 15, 81669 München

                                Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
                                Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
                                Aufsichtsratsvorsitzender: Florian Kirstein
                              • Viktor Dukhovni
                                ... Postfix does not record the number of delivery attempts in the queue file. Updates of such a record (unless it is a one byte gauge that tops out at 255)
                                Message 15 of 17 , Jun 13, 2013
                                  On Thu, Jun 13, 2013 at 03:40:33PM +0200, Ralf Hildebrandt wrote:

                                  > Currently, smtp_fallback_relay is being used after the first failed
                                  > delivery.
                                  >
                                  > http://www.postfix.org/postconf.5.html#smtp_fallback_relay
                                  > explicitly mentions: "With bulk email deliveries, it can be beneficial
                                  > to run the fallback relay MTA on the same host, so that it can reuse
                                  > the sender IP address. This speeds up deliveries that are delayed by
                                  > IP-based reputation systems (greylist, etc.)."
                                  >
                                  > i thought this could be done easier, like:
                                  >
                                  > Why not have either a smtp_fallback_relay_threshold
                                  > parameter, which specifies after how many delivery attempts the mail
                                  > will be passed to the smtp_fallback_relay.
                                  >
                                  > It would have to default to 1 to be backwards compatible.

                                  Postfix does not record the number of delivery attempts in the
                                  queue file. Updates of such a record (unless it is a one byte
                                  gauge that tops out at 255) cannot be done atomically, it may
                                  not accurately reflect the number of delivery attempts, since
                                  when a destination is throttled, some recipients are deferred
                                  without being tried or re-tried. So at best we could have a
                                  one byte count of how many times a message has been deferred.

                                  This would need be a new queue-file envelope record, so cleanup
                                  would have to write it into new queue files and qmgr would have to
                                  update it when deferring a queue file.

                                  > Alternative/additional approach:
                                  >
                                  > smtp_fallback_relay_threshold_time (compare to
                                  > smtp_pix_workaround_threshold_time)

                                  This can be done without changing the queue file format.

                                  > How long a message must be queued before the Postfix SMTP client
                                  > passes the mail to the smtp_fallback_relay.

                                  Only after first trying the real destination. This may be the
                                  first attempt on a sufficiently congested system.

                                  > No idea what an appropriate default would be...

                                  The default should disable this new feature, some people rely on
                                  the fallback relay kicking in right away. Thus the default would
                                  be 0.

                                  Otherwise, 1-3 hours is about right, the geometric mean of 300s
                                  and 5d is 3hours. Use the lower end of the range if maximal_backoff_time
                                  is substantially smaller than 1 hour and the higher end if maximal
                                  backoff time is at least 1 hour.

                                  --
                                  Viktor.
                                • Wietse Venema
                                  ... Problems: 1) There is no delivery attempt counter. That counter would have to be per-recipient. If this counter is larger than 1 byte, then it may span
                                  Message 16 of 17 , Jun 13, 2013
                                    Ralf Hildebrandt:
                                    > Currently, smtp_fallback_relay is being used after the first failed
                                    > delivery.
                                    >
                                    > http://www.postfix.org/postconf.5.html#smtp_fallback_relay
                                    > explicitly mentions: "With bulk email deliveries, it can be beneficial
                                    > to run the fallback relay MTA on the same host, so that it can reuse
                                    > the sender IP address. This speeds up deliveries that are delayed by
                                    > IP-based reputation systems (greylist, etc.)."
                                    >
                                    > i thought this could be done easier, like:
                                    >
                                    > Why not have either a smtp_fallback_relay_threshold
                                    > parameter, which specifies after how many delivery attempts the mail
                                    > will be passed to the smtp_fallback_relay.

                                    Problems:

                                    1) There is no delivery attempt counter. That counter would have
                                    to be per-recipient. If this counter is larger than 1 byte, then
                                    it may span disk block boundaries, and it may become corrupted when
                                    the machine is shutdown without syncing the disk. Until now, message
                                    queue files have a strong guarantee against such corruption.

                                    2) As mentioned by Viktor the queue manager defers mail for dead
                                    destinations without contacting the SMTP client. In those cases the
                                    smtp_fallback_relay feature has no effect. For your suggestion to
                                    work we would have to move fallback_relay logic from the SMTP client
                                    into the queue manager. That's a lot of complexity for little gain.

                                    > Alternative/additional approach:
                                    >
                                    > smtp_fallback_relay_threshold_time (compare to
                                    > smtp_pix_workaround_threshold_time)
                                    >
                                    > How long a message must be queued before the Postfix SMTP client
                                    > passes the mail to the smtp_fallback_relay.

                                    A threshold would work, with the default of 0 meaning that the
                                    threshold is disabled.

                                    My time is very limited, and this feature is simple enough that I
                                    will take a patch for this.

                                    Wietse
                                  • Ralf Hildebrandt
                                    ... That sounds good. All I want is the machine to put some effort (a few tries) into delivery instead of going ah, no, give it to the fallback ... OK -- [*]
                                    Message 17 of 17 , Jun 14, 2013
                                      > > Alternative/additional approach:
                                      > >
                                      > > smtp_fallback_relay_threshold_time (compare to
                                      > > smtp_pix_workaround_threshold_time)
                                      > >
                                      > > How long a message must be queued before the Postfix SMTP client
                                      > > passes the mail to the smtp_fallback_relay.
                                      >
                                      > A threshold would work, with the default of 0 meaning that the
                                      > threshold is disabled.

                                      That sounds good. All I want is the machine to put some effort (a few
                                      tries) into delivery instead of going "ah, no, give it to the fallback"

                                      > My time is very limited, and this feature is simple enough that I
                                      > will take a patch for this.

                                      OK

                                      --
                                      [*] sys4 AG

                                      http://sys4.de, +49 (89) 30 90 46 64
                                      Franziskanerstraße 15, 81669 München

                                      Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
                                      Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
                                      Aufsichtsratsvorsitzender: Florian Kirstein
                                    Your message has been successfully submitted and would be delivered to recipients shortly.