Loading ...
Sorry, an error occurred while loading the content.
 

Re: holding local delivery

Expand Messages
  • Larry Stone
    ... One day is pretty short. The default is five days. Although things are a lot more reliable these days, it s still possible for an unattended destination
    Message 1 of 16 , Apr 1, 2010
      On 3/31/10 11:03 PM, Vernon A. Fort at vfort@... wrote:


      > The maximal_queue_lifetime-30s was for testing only - its normally set
      > for 1d.

      One day is pretty short. The default is five days. Although things are a lot
      more reliable these days, it's still possible for an unattended destination
      server to be down over a weekend or be down for long periods for an upgrade,
      etc.

      --
      Larry Stone
      lstone19@...
      http://www.stonejongleux.com/
    • J.R.Ewing
      ... Thanks Simon and Ralf for replies, I was observing SRS and it lookslike there is not a simple way to implement it with postfix. Because Iam just starting
      Message 2 of 16 , Apr 1, 2010
        Simon Waters napsal(a):
        > On Thursday 01 April 2010 12:38:29 J.R.Ewing wrote:
        >> Is there any solution?
        >> I have idea to move senders address to "reply to" field and write new
        >> sender. Is it possible with postfix?
        >
        > As Ralph says SRS will do this.
        >
        > However I looked at this recently for a project, where I thought I'd need SRS,
        > and after reviewing the various issues and SPF adoption figures, concluded
        > I'd ignore SPF.
        >
        > In particular very few people reject outright on SPF failure (not least this
        > isn't a good strategy compared to other filtering methods if all you want to
        > do is reduce spam). Various systems handle SPF failed email in a more
        > suspicious manner, but that isn't a practical problem in my experience.
        >
        > SRS might work better for your purpose, but SPF is broken by design and you
        > should flag that to the people using it.
        >
        > We forward a lot of email, we don't do envelope rewriting, and have had a
        > handful of complaints over the years, most from the same person who didn't
        > seem to understand "we have no plans to change at this time".


        Thanks Simon and Ralf for replies,

        I was observing SRS and it lookslike there is not a simple way to
        implement it with postfix.
        Because Iam just starting to relaying at my server, I will let some time
        to see, if there are some major problems with it or if it works
        unnoticed for users. Sad is, that the major freemail provider
        (seznam.cz) here in Czech Republic sadly implement and enforce SPF, the
        question is, how many domains that our users would be recieving from are
        SPF "protected" (I know only one, at domain of our company :-/).

        Thanks again

        J.R
      • Wietse Venema
        ... make that: local.unix (the connection type comes last).
        Message 3 of 16 , Apr 1, 2010
          Wietse Venema:
          > Vernon A. Fort:
          > > The maximal_queue_lifetime-30s was for testing only - its normally set
          > > for 1d. The sole issues is to prevent mail from bouncing back if we
          > > don't get the encrypted volume mounted and cyrus started back up soon
          > > enough. A reasonable example would be if the server rebooted due to a
          > > power hiccup and we did not get the notifications quick enough.
          > >
          > > For now, i have a startup script to set the maximal_queue_lifetime to 1w
          > > using postconf -e. This seems to do the trick.
          >
          > Another option is
          >
          > postconf -e "master_service_disable = unix.local"

          make that: local.unix (the connection type comes last).

          > Or even:
          >
          > postconf -e "master_service_disable = qmgr.fifo"
          >
          > (requires Postfix 2.6 or later).
          >
          > Wietse
          >
          >
        • ram
          ... SPF if not the only reason why you would need SRS. We provide SMTP relay for various mail servers. I want to make sure that every customer uses only his
          Message 4 of 16 , Apr 2, 2010
            On Thu, 2010-04-01 at 12:14 +0000, Simon Waters wrote:
            > On Thursday 01 April 2010 12:38:29 J.R.Ewing wrote:
            > >
            > > Is there any solution?
            > > I have idea to move senders address to "reply to" field and write new
            > > sender. Is it possible with postfix?
            >
            > As Ralph says SRS will do this.
            >
            > However I looked at this recently for a project, where I thought I'd need SRS,
            > and after reviewing the various issues and SPF adoption figures, concluded
            > I'd ignore SPF.
            >
            > In particular very few people reject outright on SPF failure (not least this
            > isn't a good strategy compared to other filtering methods if all you want to
            > do is reduce spam). Various systems handle SPF failed email in a more
            > suspicious manner, but that isn't a practical problem in my experience.
            >
            > SRS might work better for your purpose, but SPF is broken by design and you
            > should flag that to the people using it.
            >
            > We forward a lot of email, we don't do envelope rewriting, and have had a
            > handful of complaints over the years, most from the same person who didn't
            > seem to understand "we have no plans to change at this time".

            SPF if not the only reason why you would need SRS.
            We provide SMTP relay for various mail servers.
            I want to make sure that every customer uses only his domain(s) and
            sends the mail. Important to implement proper usage reporting as well as
            stop abuse of network



            Thanks
            Ram





            PS: SPF is used by gmail,hotmail, aol and 40% of the fortune 500
            companies in the world among a huge lot of others. I dont think it
            makes any sense to flag anything like "SPF is broken" to so many people.
            Anyway discussing rising SPF adoption and the unreasonable arguments
            against SPF is OT on the postfix mailing list.
          • Wietse Venema
            ... Postfix supports DKIM, DomainKeys, SPF, SRS, SenderID, etc., etc., via Milter plugins or SMTP-based content filters. Wietse
            Message 5 of 16 , Apr 2, 2010
              ram:
              >
              > On Thu, 2010-04-01 at 12:14 +0000, Simon Waters wrote:
              > > On Thursday 01 April 2010 12:38:29 J.R.Ewing wrote:
              > > >
              > > > Is there any solution?
              > > > I have idea to move senders address to "reply to" field and write new
              > > > sender. Is it possible with postfix?

              Postfix supports DKIM, DomainKeys, SPF, SRS, SenderID, etc., etc.,
              via Milter plugins or SMTP-based content filters.

              Wietse
            • Jose Ildefonso Camargo Tolosa
              Hi! This is getting interesting..... How, exactly, does mailman (or other mailing list manager) handles this? I mean, I have seen several SPF-enabled domains,
              Message 6 of 16 , Apr 3, 2010
                Hi!

                This is getting interesting..... How, exactly, does mailman (or other
                mailing list manager) handles this? I mean, I have seen several
                SPF-enabled domains, and these domains have subscriptions to one or
                more lists... now, reading the headers for one of the messages of this
                lists, I got this:

                Sender: owner-postfix-users@...

                So... my guess is that the SPF check will go against this mail
                address, not the one on the From field..... am I right?

                What do you think?

                lldefonso Camargo
              • Sahil Tandon
                ... SPF is against the ENVELOPE, not the HEADER. -- Sahil Tandon
                Message 7 of 16 , Apr 3, 2010
                  On Sat, 03 Apr 2010, Jose Ildefonso Camargo Tolosa wrote:

                  > So... my guess is that the SPF check will go against this mail
                  > address, not the one on the From field..... am I right?

                  SPF is against the ENVELOPE, not the HEADER.

                  --
                  Sahil Tandon <sahil@...>
                • Wietse Venema
                  ... SPF uses the address in MAIL FROM command. This is sent before the RCPT TO command and before the message header/body. Wietse
                  Message 8 of 16 , Apr 3, 2010
                    Jose Ildefonso Camargo Tolosa:
                    > Hi!
                    >
                    > This is getting interesting..... How, exactly, does mailman (or other
                    > mailing list manager) handles this? I mean, I have seen several
                    > SPF-enabled domains, and these domains have subscriptions to one or
                    > more lists... now, reading the headers for one of the messages of this
                    > lists, I got this:
                    >
                    > Sender: owner-postfix-users@...
                    >
                    > So... my guess is that the SPF check will go against this mail
                    > address, not the one on the From field..... am I right?
                    >
                    > What do you think?

                    SPF uses the address in MAIL FROM command. This is sent before
                    the RCPT TO command and before the message header/body.

                    Wietse
                  Your message has been successfully submitted and would be delivered to recipients shortly.