Loading ...
Sorry, an error occurred while loading the content.

Re: How to setup postfix to put the queued emails in hold (and not in deferred)

Expand Messages
  • Michele Carandente
    Hi, sorry if I write again, but I ve found how to queue directly in HOLD. Basically the option is: smtpd_sender_restrictions = static:HOLD But in this way all
    Message 1 of 16 , Feb 8, 2010
    View Source
    • 0 Attachment
      Hi,
      sorry if I write again, but I've found how to queue directly in HOLD.
      Basically the option is:
      smtpd_sender_restrictions = static:HOLD

      But in this way all the emails will be queued, even the internal one...
      There is a way to queue just the emails that will be relayed externally?
      Googling a bit I found that should be something like:
      smtpd_sender_restrictions = permit_auth_destination static:hold
      but it's not working for me...

      In my configuration I'm matching the internal addresses in
      transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf

      Thanks
      Michele
    • Wietse Venema
      ... It works exactly as documented: permit the request when the RECIPIENT is internal; otherwise, hold the message. These, and other features, are
      Message 2 of 16 , Feb 8, 2010
      View Source
      • 0 Attachment
        Michele Carandente:
        > Hi,
        > sorry if I write again, but I've found how to queue directly in HOLD.
        > Basically the option is:
        > smtpd_sender_restrictions = static:HOLD
        >
        > But in this way all the emails will be queued, even the internal one...
        > There is a way to queue just the emails that will be relayed externally?
        > Googling a bit I found that should be something like:
        > smtpd_sender_restrictions = permit_auth_destination static:hold
        > but it's not working for me...

        It works exactly as documented: permit the request when the RECIPIENT
        is internal; otherwise, hold the message.

        These, and other features, are painstakingly documented in, for
        example, http://www.postfix.org/postconf.5.html

        In particular, client features are documented unter
        http://www.postfix.org/postconf.5.html#smtpd_client_restrictions

        Sender features are documented under
        http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions

        See also: http://www.postfix.org/SMTPD_ACCESS_README.html

        Wietse
      • Michele Carandente
        Hi Wietse, I had a look at the links that you ve suggested me. If I ve understand correctly, I don t have to use the smtpd_sender_restrictions option,
        Message 3 of 16 , Feb 8, 2010
        View Source
        • 0 Attachment
          Hi Wietse,
          I had a look at the links that you've suggested me.
          If I've understand correctly, I don't have to use the
          'smtpd_sender_restrictions' option, because I have to match the
          receiver and, if it's in transport_maps =
          proxy:mysql:/etc/postfix/mysql-virtual_transports.cf, then means that
          it's internal and don't need to be in queue.

          So I guess I need to use the option 'smtpd_recipient_restrictions'
          At the moment it is that option: smtpd_recipient_restrictions =
          permit_mynetworks, permit_sasl_authenticated,
          reject_unauth_destination

          So now I think I've to modify it, so that I'll tell that if the
          receiver is matching with an address of transport_maps (Internal
          email), then nothing, otherwhise put all the emails in HOLD.

          This is the theory. But pratically how the
          smtpd_recipient_restrictions should look like?

          Thanks
          Michele
        • Wietse Venema
          ... What problem are you trying to solve: hold mail only from non-local clients? then use smtpd_client_restrictions = permit_mynetworks static:hold Something
          Message 4 of 16 , Feb 8, 2010
          View Source
          • 0 Attachment
            Michele Carandente:
            > Hi Wietse,
            > I had a look at the links that you've suggested me.
            > If I've understand correctly, I don't have to use the
            > 'smtpd_sender_restrictions' option, because I have to match the
            > receiver and, if it's in transport_maps =
            > proxy:mysql:/etc/postfix/mysql-virtual_transports.cf, then means that
            > it's internal and don't need to be in queue.
            >
            > So I guess I need to use the option 'smtpd_recipient_restrictions'
            > At the moment it is that option: smtpd_recipient_restrictions =
            > permit_mynetworks, permit_sasl_authenticated,
            > reject_unauth_destination
            >
            > So now I think I've to modify it, so that I'll tell that if the
            > receiver is matching with an address of transport_maps (Internal
            > email), then nothing, otherwhise put all the emails in HOLD.
            >
            > This is the theory. But pratically how the
            > smtpd_recipient_restrictions should look like?

            What problem are you trying to solve: hold mail only from
            non-local clients? then use

            smtpd_client_restrictions = permit_mynetworks static:hold

            Something else? This would be a good time to describe what
            you actually want, instead of what does "not work".

            Wietse
          • Michele Carandente
            Hi Wietse, first of all thaks for your reply. The problem is exatly what you said before: hold mail only from non-local clients. I tried as you said with
            Message 5 of 16 , Feb 8, 2010
            View Source
            • 0 Attachment
              Hi Wietse,
              first of all thaks for your reply.

              The problem is exatly what you said before: hold mail only from
              non-local clients.
              I tried as you said with smtpd_client_restrictions = permit_mynetworks
              static:hold (actually was like that: smtpd_recipient_restrictions =
              permit_mynetworks static:HOLD, permit_sasl_authenticated,
              reject_unauth_destination) but it''s putting everithing in HOLD.

              Basically my configuration is not a real standard one.
              I've this mailserver that must queue all external email and, when I
              want, relay them to different domains (depending of the sender).
              To say to postfix which email is internal, instead of use
              virtual_mailbox_domains, that will consider all the emails part of
              that domain as internal, I'm using transport_maps =
              proxy:mysql:/etc/postfix/mysql-virtual_transports.cf, where is
              pointing to a column of the mail_users database. That column will have
              as value 'virtual', so postfix will know if the receiver is internal
              or not.

              I hope now my configuration is more understandble.

              Thanks
              Michele
            • Wietse Venema
              ... If Postfix holds ALL mail, then you have other hold actions in the configuration. Get rid of them. With: smtpd_client_restrictions = permit_mynetworks
              Message 6 of 16 , Feb 8, 2010
              View Source
              • 0 Attachment
                Michele Carandente:
                > Hi Wietse,
                > first of all thaks for your reply.
                >
                > The problem is exatly what you said before: hold mail only from
                > non-local clients.
                > I tried as you said with smtpd_client_restrictions = permit_mynetworks
                > static:hold (actually was like that: smtpd_recipient_restrictions =
                > permit_mynetworks static:HOLD, permit_sasl_authenticated,
                > reject_unauth_destination) but it''s putting everithing in HOLD.

                If Postfix holds ALL mail, then you have other hold actions in
                the configuration. Get rid of them.

                With:

                smtpd_client_restrictions = permit_mynetworks static:hold

                Postfix will HOLD mail from clients that do not match the mynetworks
                setting.

                Wietse
              • Noel Jones
                ... The documented way to tell postfix to accept mail for a domain is to put the domain in one of {mydestination, relay_domains, virtual_alias_domains,
                Message 7 of 16 , Feb 8, 2010
                View Source
                • 0 Attachment
                  On 2/8/2010 9:23 AM, Michele Carandente wrote:
                  > Hi Wietse,
                  > first of all thaks for your reply.
                  >
                  > The problem is exatly what you said before: hold mail only from
                  > non-local clients.
                  > I tried as you said with smtpd_client_restrictions = permit_mynetworks
                  > static:hold (actually was like that: smtpd_recipient_restrictions =
                  > permit_mynetworks static:HOLD, permit_sasl_authenticated,
                  > reject_unauth_destination) but it''s putting everithing in HOLD.
                  >
                  > Basically my configuration is not a real standard one.
                  > I've this mailserver that must queue all external email and, when I
                  > want, relay them to different domains (depending of the sender).
                  > To say to postfix which email is internal, instead of use
                  > virtual_mailbox_domains, that will consider all the emails part of
                  > that domain as internal, I'm using transport_maps =
                  > proxy:mysql:/etc/postfix/mysql-virtual_transports.cf, where is
                  > pointing to a column of the mail_users database. That column will have
                  > as value 'virtual', so postfix will know if the receiver is internal
                  > or not.

                  The documented way to tell postfix to accept mail for a domain
                  is to put the domain in one of {mydestination, relay_domains,
                  virtual_alias_domains, virtual_mailbox_domains}. See below
                  for some documentation links. I don't see transport_maps
                  listed there.

                  When you don't use the documented interface, you're on your
                  own. While it may be possible to do what you ask with your
                  current configuration, the standard tools and standard answers
                  won't work. Be aware future postfix upgrades may "break" your
                  non-documented configuration.

                  Good luck.

                  http://www.postfix.org/BASIC_CONFIGURATION_README.html
                  http://www.postfix.org/SOHO_README.html
                  http://www.postfix.org/STANDARD_CONFIGURATION_README.html
                  http://www.postfix.org/VIRTUAL_README.html
                  http://www.postfix.org/ADDRESS_CLASS_README.html


                  -- Noel Jones
                • Michele Carandente
                  Hi Noel, thanks for your reply. I know that unfortunately it s not a standard configuration of Postfix, but it s the only one that solve all my problem...
                  Message 8 of 16 , Feb 9, 2010
                  View Source
                  • 0 Attachment
                    Hi Noel,
                    thanks for your reply.
                    I know that unfortunately it's not a standard configuration of
                    Postfix, but it's the only one that solve all my problem...
                    Anyway I will not upgrade postfix for at least the next 2 years...

                    I'll try again to find a way to put emails in HOLD
                    automatically...otherwise I'll add a cronjob with the command:
                    'postsuper -h ALL'

                    Cheers
                    Michele
                  • Victor Duchovni
                    ... The cron job will be completely ineffective. It will miss all mail that is delivered between command invocations. This would be a terrible design. Postfix
                    Message 9 of 16 , Feb 9, 2010
                    View Source
                    • 0 Attachment
                      On Tue, Feb 09, 2010 at 09:44:16AM +0000, Michele Carandente wrote:

                      > I'll try again to find a way to put emails in HOLD
                      > automatically...otherwise I'll add a cronjob with the command:
                      > 'postsuper -h ALL'

                      The cron job will be completely ineffective. It will miss all mail that
                      is delivered between command invocations. This would be a terrible design.

                      Postfix can put email on HOLD via access(5) checks, header/body checks
                      or milter "quarantine" actions. Plenty of rope.

                      --
                      Viktor.

                      P.S. Morgan Stanley is looking for a New York City based, Senior Unix
                      system/email administrator to architect and sustain our perimeter email
                      environment. If you are interested, please drop me a note.
                    • Michele Carandente
                      Hi Victor, I agree that the cron job solution is not the best one... but at the moment it is the only one that I m able to offer... (Even if with a cron job
                      Message 10 of 16 , Feb 10, 2010
                      View Source
                      • 0 Attachment
                        Hi Victor,
                        I agree that the cron job solution is not the best one... but at the
                        moment it is the only one that I'm able to offer...
                        (Even if with a cron job every 5 seconds(for example), I'll not lose
                        any emails...)

                        As Noel Jones said before: "The documented way to tell postfix to
                        accept mail for a domain is to put the domain in one of
                        {mydestination, relay_domains, virtual_alias_domains,
                        virtual_mailbox_domains}. See below for some documentation links. I
                        don't see transport_maps listed there."

                        So, with my configuration, if you can suggest me a possible and better
                        solution I'll really appreciate it.

                        Thanks a lot
                        Michele
                      • Victor Duchovni
                        ... To put an entire message on HOLD, use access(5) or header_checks(5) or body_checks(5). To put some recipients on hold requires forwarding of the held
                        Message 11 of 16 , Feb 10, 2010
                        View Source
                        • 0 Attachment
                          On Wed, Feb 10, 2010 at 09:22:41AM +0000, Michele Carandente wrote:

                          > I agree that the cron job solution is not the best one... but at the
                          > moment it is the only one that I'm able to offer...
                          > (Even if with a cron job every 5 seconds(for example), I'll not lose
                          > any emails...)
                          >
                          > As Noel Jones said before: "The documented way to tell postfix to
                          > accept mail for a domain is to put the domain in one of
                          > {mydestination, relay_domains, virtual_alias_domains,
                          > virtual_mailbox_domains}. See below for some documentation links. I
                          > don't see transport_maps listed there."
                          >
                          > So, with my configuration, if you can suggest me a possible and better
                          > solution I'll really appreciate it.

                          To put an entire message on HOLD, use access(5) or header_checks(5)
                          or body_checks(5). To put some recipients on hold requires forwarding
                          of the held recipients into a downstream Postfix queue which holds
                          complete messages. HOLD a message action, not a recipient action.

                          --
                          Viktor.

                          P.S. Morgan Stanley is looking for a New York City based, Senior Unix
                          system/email administrator to architect and sustain our perimeter email
                          environment. If you are interested, please drop me a note.
                        • Michele Carandente
                          Hi Victor. Thanks for your reply. My problem is that I want to put all the emails in HOLD, apart the local one. As I said before, my installation is not exatly
                          Message 12 of 16 , Feb 15, 2010
                          View Source
                          • 0 Attachment
                            Hi Victor.
                            Thanks for your reply.

                            My problem is that I want to put all the emails in HOLD, apart the local one.
                            As I said before, my installation is not exatly a standard one...
                            I recognize local emails with:
                            transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
                            where a database say me 'virtual' if the email is local, ':' otherwise.

                            So I don't know how to say to postfix which email will not be HOLD...

                            I'm quite lost at the moment... can you put me in the right way?

                            Thanks
                            Michele
                          • Michele Carandente
                            Hi guys. I m still looking for the right solution... As I said before, I was thinking to put in a cronjob the command postsuper -h ALL , but in that case I ll
                            Message 13 of 16 , Feb 24, 2010
                            View Source
                            • 0 Attachment
                              Hi guys.
                              I'm still looking for the right solution...

                              As I said before, I was thinking to put in a cronjob the command
                              "postsuper -h ALL", but in that case I'll put in hold also the emails
                              that are in queue because maybe there was an error during the
                              delivery.

                              Suggestions?

                              Thanks
                              Michele
                            • Victor Duchovni
                              ... This is a bad idea. If you want to hold mail for certain recipients, deliver it to a Postfix instance that HOLDs all mail. If you want to HOLD certain
                              Message 14 of 16 , Feb 24, 2010
                              View Source
                              • 0 Attachment
                                On Wed, Feb 24, 2010 at 04:16:56PM +0000, Michele Carandente wrote:

                                > Hi guys.
                                > I'm still looking for the right solution...
                                >
                                > As I said before, I was thinking to put in a cronjob the command
                                > "postsuper -h ALL", but in that case I'll put in hold also the emails
                                > that are in queue because maybe there was an error during the
                                > delivery.

                                This is a bad idea. If you want to hold mail for certain recipients,
                                deliver it to a Postfix instance that HOLDs all mail. If you want
                                to HOLD certain messages based on sender or content, apply the right
                                access(5), header_checks(5) or body_checks(5) rules.

                                --
                                Viktor.

                                P.S. Morgan Stanley is looking for a New York City based, Senior Unix
                                system/email administrator to architect and sustain our perimeter email
                                environment. If you are interested, please drop me a note.
                              Your message has been successfully submitted and would be delivered to recipients shortly.