Loading ...
Sorry, an error occurred while loading the content.

bad address pattern

Expand Messages
  • Glenn English
    ... Hash: SHA1 Postfix (2.3.8 binary Debian testing install) has quit working reliably. I ve restarted it, reinstalled it, and found the string in the cidr
    Message 1 of 9 , Jun 1, 2008
    • 0 Attachment
      -----BEGIN PGP SIGNED MESSAGE-----
      Hash: SHA1

      Postfix (2.3.8 binary Debian testing install) has quit working reliably.
      I've restarted it, reinstalled it, and found the string in the cidr
      check in the utilities (don't understand what's going on). I'm at a loss...

      Here's part of a log:

      > Jun 1 20:34:28 server postfix/smtpd[6412]: connect from unknown[209.164.135.37]
      > Jun 1 20:34:28 server postfix/smtpd[6412]: fatal: bad address pattern: "be"
      > Jun 1 20:34:28 server postfix/smtpd[6416]: connect from unknown[58.186.128.113]
      > Jun 1 20:34:28 server postfix/smtpd[6416]: fatal: bad address pattern: "be"
      > Jun 1 20:34:28 server postfix/smtpd[6418]: connect from n2c.bullet.mail.re1.yahoo.com[69.147.103.233]
      > Jun 1 20:34:28 server postfix/smtpd[6418]: fatal: bad address pattern: "be"
      > Jun 1 20:34:28 server postfix/smtpd[6414]: connect from n37b.bullet.mail.sp1.yahoo.com[66.163.168.151]
      > Jun 1 20:34:28 server postfix/smtpd[6414]: fatal: bad address pattern: "be"
      > Jun 1 20:34:28 server postfix/smtpd[6415]: connect from n11d.bullet.scd.yahoo.com[66.218.67.60]
      > Jun 1 20:34:28 server postfix/smtpd[6415]: fatal: bad address pattern: "be"
      > Jun 1 20:34:28 server postfix/smtpd[6417]: connect from n32c.bullet.scd.yahoo.com[66.94.237.10]
      > Jun 1 20:34:28 server postfix/smtpd[6417]: fatal: bad address pattern: "be"
      > Jun 1 20:34:28 server postfix/smtpd[6419]: connect from n17d.bullet.scd.yahoo.com[66.218.67.56]
      > Jun 1 20:34:28 server postfix/smtpd[6419]: fatal: bad address pattern: "be"
      > Jun 1 20:34:28 server postfix/smtpd[6420]: connect from unknown[58.18.122.50]
      > Jun 1 20:34:28 server postfix/smtpd[6420]: fatal: bad address pattern: "be"
      > Jun 1 20:34:29 server postfix/master[4631]: warning: process /usr/lib/postfix/smtpd pid 6412 exit status 1
      > Jun 1 20:34:29 server postfix/master[4631]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
      > Jun 1 20:34:29 server postfix/master[4631]: warning: process /usr/lib/postfix/smtpd pid 6416 exit status 1
      > Jun 1 20:34:29 server postfix/master[4631]: warning: process /usr/lib/postfix/smtpd pid 6418 exit status 1
      > Jun 1 20:34:29 server postfix/master[4631]: warning: process /usr/lib/postfix/smtpd pid 6414 exit status 1
      > Jun 1 20:34:29 server postfix/master[4631]: warning: process /usr/lib/postfix/smtpd pid 6415 exit status 1
      > Jun 1 20:34:29 server postfix/master[4631]: warning: process /usr/lib/postfix/smtpd pid 6417 exit status 1
      > Jun 1 20:34:29 server postfix/master[4631]: warning: process /usr/lib/postfix/smtpd pid 6419 exit status 1
      > Jun 1 20:34:29 server postfix/master[4631]: warning: process /usr/lib/postfix/smtpd pid 6420 exit status 1

      Here's postconf:

      > root@server:~/init.d# postconf
      > 2bounce_notice_recipient = postmaster
      > access_map_reject_code = 554
      > address_verify_default_transport = $default_transport
      > address_verify_local_transport = $local_transport
      > address_verify_map =
      > address_verify_negative_cache = yes
      > address_verify_negative_expire_time = 3d
      > address_verify_negative_refresh_time = 3h
      > address_verify_poll_count = 3
      > address_verify_poll_delay = 3s
      > address_verify_positive_expire_time = 31d
      > address_verify_positive_refresh_time = 7d
      > address_verify_relay_transport = $relay_transport
      > address_verify_relayhost = $relayhost
      > address_verify_sender = postmaster
      > address_verify_sender_dependent_relayhost_maps = $sender_dependent_relayhost_maps
      > address_verify_service_name = verify
      > address_verify_transport_maps = $transport_maps
      > address_verify_virtual_transport = $virtual_transport
      > alias_database = hash:/etc/postfix/aliases
      > alias_maps = hash:/etc/postfix/aliases
      > allow_mail_to_commands = alias, forward
      > allow_mail_to_files = alias, forward
      > allow_min_user = no
      > allow_percent_hack = yes
      > allow_untrusted_routing = no
      > alternate_config_directories =
      > always_bcc =
      > anvil_rate_time_unit = 60s
      > anvil_status_update_time = 600s
      > append_at_myorigin = yes
      > append_dot_mydomain = yes
      > application_event_drain_time = 100s
      > authorized_flush_users = static:anyone
      > authorized_mailq_users = static:anyone
      > authorized_submit_users = static:anyone
      > backwards_bounce_logfile_compatibility = yes
      > berkeley_db_create_buffer_size = 16777216
      > berkeley_db_read_buffer_size = 131072
      > best_mx_transport =
      > biff = no
      > body_checks = regexp:/etc/postfix/bodychecks
      > body_checks_size_limit = 51200
      > bounce_notice_recipient = postmaster
      > bounce_queue_lifetime = 5d
      > bounce_service_name = bounce
      > bounce_size_limit = 50000
      > bounce_template_file =
      > broken_sasl_auth_clients = no
      > canonical_classes = envelope_sender, envelope_recipient, header_sender, header_recipient
      > canonical_maps = hash:/etc/postfix/canonical
      > cleanup_service_name = cleanup
      > command_directory = /usr/sbin
      > command_execution_directory =
      > command_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
      > command_time_limit = 1000s
      > config_directory = /etc/postfix
      > connection_cache_protocol_timeout = 5s
      > connection_cache_service_name = scache
      > connection_cache_status_update_time = 600s
      > connection_cache_ttl_limit = 2s
      > content_filter =
      > daemon_directory = /usr/lib/postfix
      > daemon_timeout = 18000s
      > debug_peer_level = 2
      > debug_peer_list =
      > default_database_type = hash
      > default_delivery_slot_cost = 5
      > default_delivery_slot_discount = 50
      > default_delivery_slot_loan = 3
      > default_destination_concurrency_limit = 20
      > default_destination_recipient_limit = 50
      > default_extra_recipient_limit = 1000
      > default_minimum_delivery_slots = 3
      > default_privs = nobody
      > default_process_limit = 100
      > default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason}
      > default_recipient_limit = 10000
      > default_transport = smtp
      > default_verp_delimiters = +=
      > defer_code = 450
      > defer_service_name = defer
      > defer_transports =
      > delay_logging_resolution_limit = 2
      > delay_notice_recipient = postmaster
      > delay_warning_time = 4h
      > deliver_lock_attempts = 20
      > deliver_lock_delay = 1s
      > disable_dns_lookups = no
      > disable_mime_input_processing = no
      > disable_mime_output_conversion = no
      > disable_verp_bounces = no
      > disable_vrfy_command = yes
      > dont_remove = 0
      > double_bounce_sender = double-bounce
      > duplicate_filter_limit = 1000
      > empty_address_recipient = root
      > enable_original_recipient = yes
      > error_notice_recipient = postmaster
      > error_service_name = error
      > execution_directory_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
      > expand_owner_alias = no
      > export_environment = TZ MAIL_CONFIG LANG
      > fallback_transport =
      > fallback_transport_maps =
      > fast_flush_domains = $relay_domains
      > fast_flush_purge_time = 7d
      > fast_flush_refresh_time = 12h
      > fault_injection_code = 0
      > flush_service_name = flush
      > fork_attempts = 5
      > fork_delay = 1s
      > forward_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
      > forward_path = $home/.forward${recipient_delimiter}${extension}, $home/.forward
      > frozen_delivered_to = yes
      > hash_queue_depth = 1
      > hash_queue_names = deferred, defer
      > header_address_token_limit = 10240
      > header_checks = regexp:/etc/postfix/headers
      > header_size_limit = 102400
      > helpful_warnings = yes
      > home_mailbox =
      > hopcount_limit = 50
      > html_directory = no
      > ignore_mx_lookup_error = no
      > import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY LANG=C
      > in_flow_delay = 1s
      > inet_interfaces = all
      > inet_protocols = ipv4
      > initial_destination_concurrency = 5
      > internal_mail_filter_classes =
      > invalid_hostname_reject_code = 501
      > ipc_idle = 100s
      > ipc_timeout = 3600s
      > ipc_ttl = 1000s
      > line_length_limit = 2048
      > lmtp_bind_address =
      > lmtp_bind_address6 =
      > lmtp_cname_overrides_servername = no
      > lmtp_connect_timeout = 0s
      > lmtp_connection_cache_destinations =
      > lmtp_connection_cache_on_demand = yes
      > lmtp_connection_cache_time_limit = 2s
      > lmtp_connection_reuse_time_limit = 300s
      > lmtp_data_done_timeout = 600s
      > lmtp_data_init_timeout = 120s
      > lmtp_data_xfer_timeout = 180s
      > lmtp_defer_if_no_mx_address_found = no
      > lmtp_destination_concurrency_limit = $default_destination_concurrency_limit
      > lmtp_destination_recipient_limit = $default_destination_recipient_limit
      > lmtp_discard_lhlo_keyword_address_maps =
      > lmtp_discard_lhlo_keywords =
      > lmtp_enforce_tls = no
      > lmtp_generic_maps =
      > lmtp_host_lookup = dns
      > lmtp_lhlo_name = $myhostname
      > lmtp_lhlo_timeout = 300s
      > lmtp_line_length_limit = 0
      > lmtp_mail_timeout = 300s
      > lmtp_mx_address_limit = 5
      > lmtp_mx_session_limit = 2
      > lmtp_pix_workaround_delay_time = 10s
      > lmtp_pix_workaround_threshold_time = 500s
      > lmtp_quit_timeout = 300s
      > lmtp_quote_rfc821_envelope = yes
      > lmtp_randomize_addresses = yes
      > lmtp_rcpt_timeout = 300s
      > lmtp_rset_timeout = 20s
      > lmtp_sasl_auth_enable = no
      > lmtp_sasl_mechanism_filter =
      > lmtp_sasl_password_maps =
      > lmtp_sasl_path =
      > lmtp_sasl_security_options = noplaintext, noanonymous
      > lmtp_sasl_tls_security_options = $lmtp_sasl_security_options
      > lmtp_sasl_tls_verified_security_options = $lmtp_sasl_tls_security_options
      > lmtp_sasl_type = cyrus
      > lmtp_send_xforward_command = no
      > lmtp_sender_dependent_authentication = no
      > lmtp_skip_5xx_greeting = yes
      > lmtp_starttls_timeout = 300s
      > lmtp_tcp_port = 24
      > lmtp_tls_CAfile =
      > lmtp_tls_CApath =
      > lmtp_tls_cert_file =
      > lmtp_tls_dcert_file =
      > lmtp_tls_dkey_file = $lmtp_tls_dcert_file
      > lmtp_tls_enforce_peername = yes
      > lmtp_tls_exclude_ciphers =
      > lmtp_tls_key_file = $lmtp_tls_cert_file
      > lmtp_tls_loglevel = 0
      > lmtp_tls_mandatory_ciphers = medium
      > lmtp_tls_mandatory_exclude_ciphers =
      > lmtp_tls_mandatory_protocols = SSLv3, TLSv1
      > lmtp_tls_note_starttls_offer = no
      > lmtp_tls_per_site =
      > lmtp_tls_policy_maps =
      > lmtp_tls_scert_verifydepth = 5
      > lmtp_tls_secure_cert_match = nexthop
      > lmtp_tls_security_level =
      > lmtp_tls_session_cache_database =
      > lmtp_tls_session_cache_timeout = 3600s
      > lmtp_tls_verify_cert_match = hostname
      > lmtp_use_tls = no
      > lmtp_xforward_timeout = 300s
      > local_command_shell =
      > local_destination_concurrency_limit = 2
      > local_destination_recipient_limit = 1
      > local_header_rewrite_clients = permit_inet_interfaces
      > local_recipient_maps = proxy:unix:passwd.byname $alias_maps
      > local_transport = local:$myhostname
      > luser_relay =
      > mail_name = server.$mydomain
      > mail_owner = postfix
      > mail_release_date = 20070301
      > mail_spool_directory = /var/mail
      > mail_version = 2.3.8
      > mailbox_command = procmail -a "$EXTENSION"
      > mailbox_command_maps =
      > mailbox_delivery_lock = fcntl, dotlock
      > mailbox_size_limit = 0
      > mailbox_transport =
      > mailbox_transport_maps =
      > mailq_path = /usr/bin/mailq
      > manpage_directory = /usr/share/man
      > maps_rbl_domains =
      > maps_rbl_reject_code = 554
      > masquerade_classes = envelope_sender, header_sender, header_recipient
      > masquerade_domains = $mydomain
      > masquerade_exceptions =
      > max_idle = 100s
      > max_use = 100
      > maximal_backoff_time = 4000s
      > maximal_queue_lifetime = 5d
      > message_reject_characters =
      > message_size_limit = 20240000
      > message_strip_characters =
      > milter_command_timeout = 30s
      > milter_connect_macros = j {daemon_name} v
      > milter_connect_timeout = 30s
      > milter_content_timeout = 300s
      > milter_data_macros = i
      > milter_default_action = tempfail
      > milter_end_of_data_macros = i
      > milter_helo_macros = {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer}
      > milter_macro_daemon_name = $myhostname
      > milter_macro_v = $mail_name $mail_version
      > milter_mail_macros = i {auth_type} {auth_authen} {auth_author} {mail_addr}
      > milter_protocol = 2
      > milter_rcpt_macros = i {rcpt_addr}
      > milter_unknown_command_macros =
      > mime_boundary_length_limit = 2048
      > mime_header_checks = $header_checks
      > mime_nesting_limit = 100
      > minimal_backoff_time = 1000s
      > multi_recipient_bounce_reject_code = 550
      > mydestination = localhost, localdomain, localhost.localdomain, $mydomain, mail.$mydomain, smtp.$mydomain, server.$mydomain, localhost.$mydomain, $dmzdomain, mail.$dmzdomain, log.$dmzdomain, localhost.$dmzdomain, $landomain, mail.$landomain, zbox.$landomain, sbox.$landomain, lserver.$landomain, pblinux.$landomain, slsware.wif, pblinux.slsware.wif, slsware.per
      > mydomain = slsware.com
      > myhostname = server.$mydomain
      > mynetworks = 127.0.0.0/8, 192.168.0.0/24, 192.168.10.0/24, 192.168.20.0/24, 192.168.30.0/24, /etc/postfix/mynetworks
      > mynetworks_style = subnet
      > myorigin = slsware.com
      > nested_header_checks = $header_checks
      > newaliases_path = /usr/bin/newaliases
      > non_fqdn_reject_code = 504
      > non_smtpd_milters =
      > notify_classes = resource, software
      > owner_request_special = yes
      > parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps
      > permit_mx_backup_networks =
      > pickup_service_name = pickup
      > plaintext_reject_code = 450
      > prepend_delivered_header = command, file, forward
      > process_id_directory = pid
      > propagate_unmatched_extensions = canonical, virtual
      > proxy_interfaces =
      > proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks
      > qmgr_clog_warn_time = 300s
      > qmgr_fudge_factor = 100
      > qmgr_message_active_limit = 20000
      > qmgr_message_recipient_limit = 20000
      > qmgr_message_recipient_minimum = 10
      > qmqpd_authorized_clients =
      > qmqpd_error_delay = 1s
      > qmqpd_timeout = 300s
      > queue_directory = /var/spool/postfix
      > queue_file_attribute_count_limit = 100
      > queue_minfree = 0
      > queue_run_delay = 1000s
      > queue_service_name = qmgr
      > rbl_reply_maps =
      > readme_directory = /usr/share/doc/postfix
      > receive_override_options =
      > recipient_bcc_maps =
      > recipient_canonical_classes = envelope_recipient, header_recipient
      > recipient_canonical_maps = hash:/etc/postfix/canonical-recipient
      > recipient_delimiter = +
      > reject_code = 554
      > relay_clientcerts =
      > relay_destination_concurrency_limit = $default_destination_concurrency_limit
      > relay_destination_recipient_limit = $default_destination_recipient_limit
      > relay_domains = $mydestination
      > relay_domains_reject_code = 554
      > relay_recipient_maps =
      > relay_transport = relay
      > relayhost =
      > relocated_maps =
      > remote_header_rewrite_domain =
      > require_home_directory = no
      > resolve_dequoted_address = yes
      > resolve_null_domain = no
      > resolve_numeric_domain = no
      > rewrite_service_name = rewrite
      > sample_directory = /usr/share/doc/postfix/examples
      > sender_bcc_maps =
      > sender_canonical_classes = envelope_sender, header_sender
      > sender_canonical_maps = hash:/etc/postfix/canonical-sender
      > sender_dependent_relayhost_maps =
      > sendmail_path = /usr/sbin/sendmail
      > service_throttle_time = 60s
      > setgid_group = postdrop
      > show_user_unknown_table_name = yes
      > showq_service_name = showq
      > smtp_always_send_ehlo = yes
      > smtp_bind_address =
      > smtp_bind_address6 =
      > smtp_cname_overrides_servername = no
      > smtp_connect_timeout = 30s
      > smtp_connection_cache_destinations =
      > smtp_connection_cache_on_demand = yes
      > smtp_connection_cache_time_limit = 2s
      > smtp_connection_reuse_time_limit = 300s
      > smtp_data_done_timeout = 600s
      > smtp_data_init_timeout = 120s
      > smtp_data_xfer_timeout = 180s
      > smtp_defer_if_no_mx_address_found = no
      > smtp_destination_concurrency_limit = $default_destination_concurrency_limit
      > smtp_destination_recipient_limit = $default_destination_recipient_limit
      > smtp_discard_ehlo_keyword_address_maps =
      > smtp_discard_ehlo_keywords =
      > smtp_enforce_tls = no
      > smtp_fallback_relay = $fallback_relay
      > smtp_generic_maps =
      > smtp_helo_name = $myhostname
      > smtp_helo_timeout = 300s
      > smtp_host_lookup = dns
      > smtp_line_length_limit = 0
      > smtp_mail_timeout = 300s
      > smtp_mx_address_limit = 5
      > smtp_mx_session_limit = 2
      > smtp_never_send_ehlo = no
      > smtp_pix_workaround_delay_time = 10s
      > smtp_pix_workaround_threshold_time = 500s
      > smtp_quit_timeout = 300s
      > smtp_quote_rfc821_envelope = yes
      > smtp_randomize_addresses = yes
      > smtp_rcpt_timeout = 300s
      > smtp_rset_timeout = 20s
      > smtp_sasl_auth_enable = no
      > smtp_sasl_mechanism_filter =
      > smtp_sasl_password_maps =
      > smtp_sasl_path =
      > smtp_sasl_security_options = noplaintext, noanonymous
      > smtp_sasl_tls_security_options = $smtp_sasl_security_options
      > smtp_sasl_tls_verified_security_options = $smtp_sasl_tls_security_options
      > smtp_sasl_type = cyrus
      > smtp_send_xforward_command = no
      > smtp_sender_dependent_authentication = no
      > smtp_skip_5xx_greeting = yes
      > smtp_skip_quit_response = yes
      > smtp_starttls_timeout = 300s
      > smtp_tls_CAfile =
      > smtp_tls_CApath =
      > smtp_tls_cert_file =
      > smtp_tls_dcert_file =
      > smtp_tls_dkey_file = $smtp_tls_dcert_file
      > smtp_tls_enforce_peername = yes
      > smtp_tls_exclude_ciphers =
      > smtp_tls_key_file = $smtp_tls_cert_file
      > smtp_tls_loglevel = 0
      > smtp_tls_mandatory_ciphers = medium
      > smtp_tls_mandatory_exclude_ciphers =
      > smtp_tls_mandatory_protocols = SSLv3, TLSv1
      > smtp_tls_note_starttls_offer = no
      > smtp_tls_per_site =
      > smtp_tls_policy_maps =
      > smtp_tls_scert_verifydepth = 5
      > smtp_tls_secure_cert_match = nexthop, dot-nexthop
      > smtp_tls_security_level =
      > smtp_tls_session_cache_database =
      > smtp_tls_session_cache_timeout = 3600s
      > smtp_tls_verify_cert_match = hostname
      > smtp_use_tls = no
      > smtp_xforward_timeout = 300s
      > smtpd_authorized_verp_clients = $authorized_verp_clients
      > smtpd_authorized_xclient_hosts =
      > smtpd_authorized_xforward_hosts =
      > smtpd_banner = $mail_name
      > smtpd_client_connection_count_limit = 50
      > smtpd_client_connection_rate_limit = 0
      > smtpd_client_event_limit_exceptions = ${smtpd_client_connection_limit_exceptions:$mynetworks}
      > smtpd_client_message_rate_limit = 0
      > smtpd_client_new_tls_session_rate_limit = 0
      > smtpd_client_recipient_rate_limit = 0
      > smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, permit
      > smtpd_data_restrictions = reject_unauth_pipelining, permit
      > smtpd_delay_open_until_valid_rcpt = yes
      > smtpd_delay_reject = yes
      > smtpd_discard_ehlo_keyword_address_maps =
      > smtpd_discard_ehlo_keywords =
      > smtpd_end_of_data_restrictions =
      > smtpd_enforce_tls = no
      > smtpd_error_sleep_time = 1s
      > smtpd_etrn_restrictions =
      > smtpd_expansion_filter = \t\40!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~
      > smtpd_forbidden_commands = CONNECT GET POST
      > smtpd_hard_error_limit = 20
      > smtpd_helo_required = yes
      > smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, permit
      > smtpd_history_flush_threshold = 100
      > smtpd_junk_command_limit = 100
      > smtpd_milters =
      > smtpd_noop_commands =
      > smtpd_null_access_lookup_key = <>
      > smtpd_peername_lookup = yes
      > smtpd_policy_service_max_idle = 300s
      > smtpd_policy_service_max_ttl = 1000s
      > smtpd_policy_service_timeout = 100s
      > smtpd_proxy_ehlo = $myhostname
      > smtpd_proxy_filter =
      > smtpd_proxy_timeout = 100s
      > smtpd_recipient_limit = 1000
      > smtpd_recipient_overshoot_limit = 1000
      > smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unknown_recipient_domain, check_policy_service inet:127.0.0.1:$postgrey permit
      > smtpd_reject_unlisted_recipient = yes
      > smtpd_reject_unlisted_sender = no
      > smtpd_restriction_classes =
      > smtpd_sasl_auth_enable = no
      > smtpd_sasl_authenticated_header = no
      > smtpd_sasl_exceptions_networks =
      > smtpd_sasl_local_domain =
      > smtpd_sasl_path = smtpd
      > smtpd_sasl_security_options = noanonymous
      > smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
      > smtpd_sasl_type = cyrus
      > smtpd_sender_login_maps =
      > smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, reject_unknown_sender_domain, permit
      > smtpd_soft_error_limit = 10
      > smtpd_starttls_timeout = 300s
      > smtpd_timeout = 60
      > smtpd_tls_CAfile =
      > smtpd_tls_CApath =
      > smtpd_tls_always_issue_session_ids = yes
      > smtpd_tls_ask_ccert = no
      > smtpd_tls_auth_only = no
      > smtpd_tls_ccert_verifydepth = 5
      > smtpd_tls_cert_file =
      > smtpd_tls_dcert_file =
      > smtpd_tls_dh1024_param_file =
      > smtpd_tls_dh512_param_file =
      > smtpd_tls_dkey_file = $smtpd_tls_dcert_file
      > smtpd_tls_exclude_ciphers =
      > smtpd_tls_key_file = $smtpd_tls_cert_file
      > smtpd_tls_loglevel = 0
      > smtpd_tls_mandatory_ciphers = medium
      > smtpd_tls_mandatory_exclude_ciphers =
      > smtpd_tls_mandatory_protocols = SSLv3, TLSv1
      > smtpd_tls_received_header = no
      > smtpd_tls_req_ccert = no
      > smtpd_tls_security_level =
      > smtpd_tls_session_cache_database =
      > smtpd_tls_session_cache_timeout = 3600s
      > smtpd_tls_wrappermode = no
      > smtpd_use_tls = no
      > soft_bounce = no
      > stale_lock_time = 500s
      > strict_7bit_headers = no
      > strict_8bitmime = no
      > strict_8bitmime_body = no
      > strict_mime_encoding_domain = no
      > strict_rfc821_envelopes = no
      > sun_mailtool_compatibility = no
      > swap_bangpath = yes
      > syslog_facility = mail
      > syslog_name = postfix
      > tls_daemon_random_bytes = 32
      > tls_export_cipherlist = ALL:+RC4:@STRENGTH
      > tls_high_cipherlist = ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH
      > tls_low_cipherlist = ALL:!EXPORT:+RC4:@STRENGTH
      > tls_medium_cipherlist = ALL:!EXPORT:!LOW:+RC4:@STRENGTH
      > tls_null_cipherlist = !aNULL:eNULL+kRSA
      > tls_random_bytes = 32
      > tls_random_exchange_name = ${queue_directory}/prng_exch
      > tls_random_prng_update_period = 3600s
      > tls_random_reseed_period = 3600s
      > tls_random_source = dev:/dev/urandom
      > trace_service_name = trace
      > transport_maps = hash:/etc/postfix/transport-mapping
      > transport_retry_time = 60s
      > trigger_timeout = 10s
      > undisclosed_recipients_header = To: undisclosed-recipients:;
      > unknown_address_reject_code = 450
      > unknown_client_reject_code = 450
      > unknown_hostname_reject_code = 450
      > unknown_local_recipient_reject_code = 550
      > unknown_relay_recipient_reject_code = 550
      > unknown_virtual_alias_reject_code = 550
      > unknown_virtual_mailbox_reject_code = 550
      > unverified_recipient_reject_code = 450
      > unverified_sender_reject_code = 450
      > verp_delimiter_filter = -=+
      > virtual_alias_domains = $virtual_alias_maps
      > virtual_alias_expansion_limit = 1000
      > virtual_alias_maps = hash:/etc/postfix/virtual
      > virtual_alias_recursion_limit = 1000
      > virtual_destination_concurrency_limit = $default_destination_concurrency_limit
      > virtual_destination_recipient_limit = $default_destination_recipient_limit
      > virtual_gid_maps =
      > virtual_mailbox_base =
      > virtual_mailbox_domains = $virtual_mailbox_maps
      > virtual_mailbox_limit = 51200000
      > virtual_mailbox_lock = fcntl
      > virtual_mailbox_maps =
      > virtual_minimum_uid = 100
      > virtual_transport = virtual
      > virtual_uid_maps =





      - --
      Glenn English
      ghe@...

      -----BEGIN PGP SIGNATURE-----
      Version: GnuPG v1.4.6 (GNU/Linux)
      Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

      iD8DBQFIQ2Gt04yQfZbbTLYRAjEaAJ9LvRhvM0qMC0Lx8U3/M/shuZ77cwCfet8Q
      sWPyKJmG/g5ScLeyteDY2qk=
      =W8Bg
      -----END PGP SIGNATURE-----
    • Ralf Hildebrandt
      ... We need postconf -n output -- Ralf Hildebrandt (Ralf.Hildebrandt@charite.de) snickebo@charite.de Postfix - Einrichtung, Betrieb und Wartung
      Message 2 of 9 , Jun 1, 2008
      • 0 Attachment
        * Glenn English <ghe@...>:
        > Postfix (2.3.8 binary Debian testing install) has quit working reliably.
        > I've restarted it, reinstalled it, and found the string in the cidr
        > check in the utilities (don't understand what's going on). I'm at a loss...
        >
        > Here's part of a log:
        >
        > > Jun 1 20:34:28 server postfix/smtpd[6412]: connect from unknown[209.164.135.37]
        > > Jun 1 20:34:28 server postfix/smtpd[6412]: fatal: bad address pattern: "be"

        > Here's postconf:

        We need "postconf -n" output

        --
        Ralf Hildebrandt (Ralf.Hildebrandt@...) snickebo@...
        Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
        http://www.arschkrebs.de
        #!/bin/sh
        cat <<EOF | dc -e "[lila/sulila%Plusili0<y]sy?si256salyx"
        403736150440747681954588245935305944858835839713675044439128476844672\
        007875165788798502153167817380873133828163530564
        EOF
      • Wietse Venema
        ... It s probably a bad mynetworks setting in main.cf. Wietse
        Message 3 of 9 , Jun 2, 2008
        • 0 Attachment
          Ralf Hildebrandt:
          > * Glenn English <ghe@...>:
          > > Postfix (2.3.8 binary Debian testing install) has quit working reliably.
          > > I've restarted it, reinstalled it, and found the string in the cidr
          > > check in the utilities (don't understand what's going on). I'm at a loss...
          > >
          > > Here's part of a log:
          > >
          > > > Jun 1 20:34:28 server postfix/smtpd[6412]: connect from unknown[209.164.135.37]
          > > > Jun 1 20:34:28 server postfix/smtpd[6412]: fatal: bad address pattern: "be"
          >
          > > Here's postconf:
          >
          > We need "postconf -n" output

          It's probably a bad "mynetworks" setting in main.cf.

          Wietse
        • Glenn English
          ... Hash: SHA1 ... That was it. Looking at the source again, in non-panic mode, it seems to be looking for the /nn at the end of a cidr address. I have a
          Message 4 of 9 , Jun 2, 2008
          • 0 Attachment
            -----BEGIN PGP SIGNED MESSAGE-----
            Hash: SHA1

            Wietse Venema wrote:

            >
            > It's probably a bad "mynetworks" setting in main.cf.
            >

            That was it. Looking at the source again, in non-panic mode, it seems to
            be looking for the /nn at the end of a cidr address.

            I have a number of lines in mynetworks to allow some users to send from
            alien networks:

            > # begin email clients list
            > 71.123.14.46 # aw
            > 71.211.167.203 # be
            > 98.196.220.102 # betty
            > 75.171.165.24 # bob
            > 24.8.143.224 # david
            > 192.168.20.229 # ghe
            > 67.198.106.39 # jerry
            > 72.253.99.191 # re
            > 71.218.143.191 # tr
            > # end email clients list

            this one triggers the error from cidr_match_parse() in src/util/:

            > 71.211.167.203 # be

            The others don't seem to. A /32 after the IP doesn't help. But changing
            "be" to "qwbe" (or leaving off the label) does, and allows him to use
            the server.

            Anybody have the time/understanding/inclination to explain???

            - --
            Glenn English
            ghe@...

            -----BEGIN PGP SIGNATURE-----
            Version: GnuPG v1.4.6 (GNU/Linux)
            Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

            iD8DBQFIRCe304yQfZbbTLYRAjoQAKCa3cT39rNFgWHFhznhpAyHYL3ofQCeN5n0
            EpiaYeK6l/RTrLG48CcWLrY=
            =f/bd
            -----END PGP SIGNATURE-----
          • MrC
            ... The only reference to comments in the cidr_table(5) documentation is: blank lines and comments Empty lines and whitespace-only lines are ignored, as are
            Message 5 of 9 , Jun 2, 2008
            • 0 Attachment
              Glenn English wrote:
              >> # begin email clients list
              >> 71.123.14.46 # aw
              >> 71.211.167.203 # be
              >> 98.196.220.102 # betty
              >> 75.171.165.24 # bob
              >> 24.8.143.224 # david
              >> 192.168.20.229 # ghe
              >> 67.198.106.39 # jerry
              >> 72.253.99.191 # re
              >> 71.218.143.191 # tr
              >> # end email clients list
              >
              > this one triggers the error from cidr_match_parse() in src/util/:
              >
              >> 71.211.167.203 # be

              The only reference to comments in the cidr_table(5) documentation is:

              blank lines and comments
              Empty lines and whitespace-only lines are ignored, as are lines
              whose first non-whitespace character is a `#'.

              Lose the comments at the end of the line.

              MrC

              >
              > The others don't seem to. A /32 after the IP doesn't help. But changing
              > "be" to "qwbe" (or leaving off the label) does, and allows him to use
              > the server.
              >
              > Anybody have the time/understanding/inclination to explain???
              >
            • Noel Jones
              ... Postfix doesn t allow in-line comments. Postfix is trying to make sense of the hostname be , which fails. If you want to comment your entries, put the
              Message 6 of 9 , Jun 2, 2008
              • 0 Attachment
                Glenn English wrote:
                > -----BEGIN PGP SIGNED MESSAGE-----
                > Hash: SHA1
                >
                > Wietse Venema wrote:
                >
                >> It's probably a bad "mynetworks" setting in main.cf.
                >>
                >
                > That was it. Looking at the source again, in non-panic mode, it seems to
                > be looking for the /nn at the end of a cidr address.
                >
                > I have a number of lines in mynetworks to allow some users to send from
                > alien networks:
                >
                >> # begin email clients list
                >> 71.123.14.46 # aw
                >> 71.211.167.203 # be
                >> 98.196.220.102 # betty
                >> 75.171.165.24 # bob
                >> 24.8.143.224 # david
                >> 192.168.20.229 # ghe
                >> 67.198.106.39 # jerry
                >> 72.253.99.191 # re
                >> 71.218.143.191 # tr
                >> # end email clients list
                >
                > this one triggers the error from cidr_match_parse() in src/util/:
                >
                >> 71.211.167.203 # be
                >
                > The others don't seem to. A /32 after the IP doesn't help. But changing
                > "be" to "qwbe" (or leaving off the label) does, and allows him to use
                > the server.
                >
                > Anybody have the time/understanding/inclination to explain???
                >
                > - --
                > Glenn English
                > ghe@...
                >

                Postfix doesn't allow in-line comments. Postfix is trying to
                make sense of the hostname "be", which fails.

                If you want to comment your entries, put the comments on a
                separate line.

                The first section of
                http://www.postfix.org/postconf.5.html
                documents the format of main.cf


                --
                Noel Jones
              • ghe
                ... Hash: SHA1 ... I didn t know that -- but the fact that it didn t hurl all the time makes me wonder what it s doing with the ones it *did* make sense of.
                Message 7 of 9 , Jun 2, 2008
                • 0 Attachment
                  -----BEGIN PGP SIGNED MESSAGE-----
                  Hash: SHA1

                  Noel Jones wrote:

                  | Postfix doesn't allow in-line comments. Postfix is trying to make sense
                  | of the hostname "be", which fails.

                  I didn't know that -- but the fact that it didn't hurl all the time
                  makes me wonder what it's doing with the ones it *did* make sense of.

                  | If you want to comment your entries, put the comments on a separate line.

                  I think I can live with that.

                  They weren't really comments; they're labels for a piece of software
                  that needs to know who's at what IP.

                  Thanks to all for the cluebats...

                  - --
                  Glenn English
                  ghe@...

                  -----BEGIN PGP SIGNATURE-----
                  Version: GnuPG v1.4.8 (Darwin)
                  Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

                  iEYEARECAAYFAkhEgGkACgkQ04yQfZbbTLamgwCeM79VHb7RdK2k9Pi7qTGfFWZk
                  iagAniiUKW/YVSOge8aFWs2T5xL+zAyU
                  =ZK30
                  -----END PGP SIGNATURE-----
                • mouss
                  ... not promissed, thus unpredictable. be happy that you didn t erase the whole disk. ... The last guy who song my intuition is good was killed. so read the
                  Message 8 of 9 , Jun 2, 2008
                  • 0 Attachment
                    ghe wrote:
                    > Noel Jones wrote:
                    >
                    > | Postfix doesn't allow in-line comments. Postfix is trying to make sense
                    > | of the hostname "be", which fails.
                    >
                    > I didn't know that -- but the fact that it didn't hurl all the time
                    > makes me wonder what it's doing with the ones it *did* make sense of.

                    not promissed, thus unpredictable. be happy that you didn't erase the
                    whole disk.

                    >
                    > | If you want to comment your entries, put the comments on a separate
                    > line.
                    >
                    > I think I can live with that.
                    >
                    > They weren't really comments; they're labels for a piece of software
                    > that needs to know who's at what IP.

                    The last guy who song "my intuition is good" was killed. so read the
                    documentation.
                    >
                    > Thanks to all for the cluebats...
                    >
                  • Wietse Venema
                    ... Postfix uses the inet_pton() system routine, and apparently that routine returned an error for be but not for the other strings. I have no idea what
                    Message 9 of 9 , Jun 2, 2008
                    • 0 Attachment
                      ghe:
                      > Noel Jones wrote:
                      >
                      > | Postfix doesn't allow in-line comments. Postfix is trying to make sense
                      > | of the hostname "be", which fails.
                      >
                      > I didn't know that -- but the fact that it didn't hurl all the time
                      > makes me wonder what it's doing with the ones it *did* make sense of.

                      Postfix uses the inet_pton() system routine, and apparently that
                      routine returned an error for "be" but not for the other strings.
                      I have no idea what result it produced for the junk.

                      Wietse

                      > | If you want to comment your entries, put the comments on a separate line.
                      >
                      > I think I can live with that.
                      >
                      > They weren't really comments; they're labels for a piece of software
                      > that needs to know who's at what IP.
                      >
                      > Thanks to all for the cluebats...
                      >
                      > --
                      > Glenn English
                      > ghe@...
                      -- End of PGP signed section.
                    Your message has been successfully submitted and would be delivered to recipients shortly.