Loading ...
Sorry, an error occurred while loading the content.

Re: Upgrade for Postfix & Mailman

Expand Messages
  • Reindl Harald
    ... and that is why i said 10 years ago apple is crap on a server nobody believed me and sweared it is the bast you can have throw away this carp and learn how
    Message 1 of 15 , Jan 25, 2013
    • 0 Attachment
      Am 25.01.2013 23:46, schrieb Larry Stone:
      > One of the problems of the past was Apple's constant behind the scenes changes which required some reconfiguration
      > at every major upgrade. If I do ever move forward with trying to upgrade, I most likely will go "build from
      > sources" for everything (ignoring Apple's provided Postfix) with everything in /usr/local (which Apple so far does
      > not touch) so that I am not at the whim of their changes

      and that is why i said 10 years ago apple is crap on a server
      nobody believed me and sweared it is the bast you can have

      throw away this carp and learn how to work with a real
      operating system like linx or bsd
    • John Allen
      ... As has been said elsewhere not really that surprising. The flavour of the day is /the cloud/ ! ... I run a couple of servers for a small business co-op
      Message 2 of 15 , Jan 26, 2013
      • 0 Attachment
        On 25/01/2013 3:07 PM, Jeff Bernier wrote:
        Hello All,

        I am currently running Mailman (2.1.14) and Postfix (2.4.3) on an aging Mac OS X server (10.5.8). Mailman and Postfix on this system are Apple's implementation on their platform of course. Apple no longer supports the Xserve platform, and I am in need of replacing this system, and upgrading to newer versions of Postfix and Mailman.

        As has been said elsewhere not really that surprising.  The flavour of the day is "the cloud"!

        We use Postfix for our on campus SMTP Gateway, and Mailman for a small number of active lists. The traffic is light.

        Can anyone recommend a good replacement to this? Recommended Unix/Linux? Is a VM environment an option?

        I run a couple of servers for a small business co-op one Debian Wheezy and one Ubuntu (currently 12.04 LTS).
        Both run mail servers( Postfix+Dovecot+Amavis-new), WEB servers (HTTP, webdav, davical) plus a few odds and ends without breaking a sweat.
        The Debian machine ran Centos 5 until approx a 18 months ago.
        Both machines have been running for about 4 years without any unplanned outages (Not quite true we had a power outage that lasted 4 hours and the UPSs shutdown).

        I would like to get away from the Mac solution, and set up some flavor of Unix with more current versions of Postfix and Mailman. I know this is a very broad question, but I have a blank canvas here... just looking for a direction to go in.


        Any suggestions are appreciated.

        Go with Debian, I use Testing (wheezy) but any level would be good. Te only, very minor, problem is that Debian prefers Exim as the MTA because of the Postfix license (IBM vs GPL), but it is supported and I have not seen any plans to drop it.
        Ubuntu would be a good alternative, except that they seem to be pushing their cloud solution.
      • Bob Cohen
        Follows are several maillog entries. I m not clear on how to read them. warning: restriction `reject_rbl_client after `permit is ignored Does this mean,
        Message 3 of 15 , Jan 26, 2013
        • 0 Attachment
          Follows are several maillog entries. I'm not clear on how to read them.

          warning: restriction `reject_rbl_client' after `permit' is ignored

          Does this mean, Postfix rejected an email based on the reject_rbl_client rule, which was placed in the main.cf after the permit. And, Postfix is ignoring the warning?

          warning: restriction `warn_if_reject' after `permit' is ignored

          Does this mean, Postfix rejected an email according to some rule in the main.cf. And, Postfix is ignoring the warning?

          Thanks for the help.

          -Bob

          Bob Cohen
          Writer, Internet Consultant, Teacher
          w: bobjcohen.com
          t: #itsabobworld
        • Reindl Harald
          ... if you want any meaningful answer you have to poast at least a full snippet of all lines to a specific message and output of postconf -n
          Message 4 of 15 , Jan 26, 2013
          • 0 Attachment
            Am 26.01.2013 18:25, schrieb Bob Cohen:
            > Follows are several maillog entries. I'm not clear on how to read them.
            >
            > warning: restriction `reject_rbl_client' after `permit' is ignored
            >
            > Does this mean, Postfix rejected an email based on the reject_rbl_client rule, which was placed in the main.cf after the permit. And, Postfix is ignoring the warning?
            >
            > warning: restriction `warn_if_reject' after `permit' is ignored
            >
            > Does this mean, Postfix rejected an email according to some rule in the main.cf. And, Postfix is ignoring the warning?

            if you want any meaningful answer you have to poast at least
            a full snippet of all lines to a specific message and output
            of "postconf -n"
          • Wietse Venema
            ... This means that you have configured: something = something permit reject_rbl_client something As documented, evaluation stops at permit. Therefore,
            Message 5 of 15 , Jan 26, 2013
            • 0 Attachment
              Bob Cohen:
              > Follows are several maillog entries. I'm not clear on how to read them.
              >
              > warning: restriction `reject_rbl_client' after `permit' is ignored

              This means that you have configured:

              something = something permit reject_rbl_client something

              As documented, evaluation stops at permit. Therefore, reject_rbl_client
              is ignored.

              Wietse
            • Bob Cohen
              ... Thank you. -Bob log snippet 1 Jan 26 13:03:00 fortapache postfix/smtpd[29122]: connect from camomile.cloud9.net[168.100.1.3] Jan 26 13:03:00 fortapache
              Message 6 of 15 , Jan 26, 2013
              • 0 Attachment
                On Jan 26, 2013, at 12:40 PM, Reindl Harald <h.reindl@...> wrote:

                > if you want any meaningful answer you have to poast at least
                > a full snippet of all lines to a specific message and output
                > of "postconf -n"

                Thank you.

                -Bob

                log snippet 1

                Jan 26 13:03:00 fortapache postfix/smtpd[29122]: connect from camomile.cloud9.net[168.100.1.3]
                Jan 26 13:03:00 fortapache postfix/smtpd[29122]: warning: restriction `reject_rbl_client' after `permit' is ignored
                Jan 26 13:03:00 fortapache postfix/smtpd[29122]: warning: restriction `warn_if_reject' after `permit' is ignored
                Jan 26 13:03:00 fortapache postfix/smtpd[29122]: warning: restriction `warn_if_reject' after `permit' is ignored

                log snippet 2

                Jan 26 12:51:52 fortapache postfix/smtpd[28960]: warning: 68.168.97.243: hostname 68-168-97-243.dedicated.codero.net verification failed: Name or service not known
                Jan 26 12:51:52 fortapache postfix/smtpd[28960]: connect from unknown[68.168.97.243]
                Jan 26 12:51:53 fortapache postfix/smtpd[28960]: warning: restriction `reject_rbl_client' after `permit' is ignored
                Jan 26 12:51:53 fortapache postfix/smtpd[28960]: warning: restriction `warn_if_reject' after `permit' is ignored
                Jan 26 12:51:53 fortapache postfix/smtpd[28960]: NOQUEUE: reject: RCPT from unknown[68.168.97.243]: 450 4.1.8 <apache@...>: Sender address rejected: Domain not found; from=<apache@...> to=<42z4r2l5udb@...> proto=ESMTP helo=<68-168-97-243.phx.dedicated.codero.com>
                Jan 26 12:56:53 fortapache postfix/smtpd[28960]: timeout after RSET from unknown[68.168.97.243]
                Jan 26 12:56:53 fortapache postfix/smtpd[28960]: disconnect from unknown[68.168.97.243]



                postconf -n

                alias_database = /etc/postfix/aliases
                alias_maps = hash:/etc/postfix/aliases
                command_directory = /usr/sbin
                config_directory = /etc/postfix
                content_filter = amavisfeed:[127.0.0.1]:10024
                daemon_directory = /usr/libexec/postfix
                home_mailbox = Maildir/
                html_directory = no
                local_recipient_maps = $virtual_alias_maps
                mail_owner = postfix
                mailq_path = /usr/bin/mailq
                manpage_directory = /usr/share/man
                mydestination = /etc/postfix/local_domains
                myhostname = fortapache.bjcserver.com
                myorigin = $myhostname
                newaliases_path = /usr/bin/newaliases
                queue_directory = /var/spool/postfix
                readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
                relay_domains = $mydestination
                sample_directory = /usr/share/doc/postfix-2.3.3/samples
                sendmail_path = /usr/sbin/sendmail
                setgid_group = postdrop
                smtpd_client_restrictions = reject_unauth_pipelining,
                check_client_access hash:/etc/postfix/access,
                check_client_access hash:/etc/postfix/poprelay,
                permit
                reject_rbl_client zen.spamhaus.org,
                reject_rbl_client dnsbl.sorbs.net,
                smtpd_helo_restrictions = check_helo_access pcre:/etc/postfix/tld.pcre,
                permit
                warn_if_reject,
                check_helo_access pcre:/etc/postfix/tld.pcre
                smtpd_recipient_restrictions = reject_non_fqdn_recipient,
                check_client_access hash:/etc/postfix/access,
                reject_unknown_recipient_domain,
                reject_unauth_destination,
                permit
                smtpd_sender_restrictions =
                reject_unknown_sender_domain,
                reject_non_fqdn_sender,
                check_client_access pcre:/etc/postfix/tld.pcre,
                check_client_access hash:/etc/postfix/access,
                check_client_access hash:/etc/postfix/poprelay,
                permit
                warn_if_reject,
                check_reverse_client_hostname_access pcre:/etc/postfix/tld.pcre

                soft_bounce = no
                virtual_alias_maps = hash:/etc/postfix/virtual

                Bob Cohen
                Writer, Internet Consultant, Teacher
                w: bobjcohen.com
                t: #itsabobworld
              • Bob Cohen
                ... Thank you. Does that mean I need to put the something = something before permit? Note I just posted some log entries and postconf -n. -Bob Bob Cohen
                Message 7 of 15 , Jan 26, 2013
                • 0 Attachment
                  On Jan 26, 2013, at 1:00 PM, Wietse Venema <wietse@...> wrote:

                  > Bob Cohen:
                  >> Follows are several maillog entries. I'm not clear on how to read them.
                  >>
                  >> warning: restriction `reject_rbl_client' after `permit' is ignored
                  >
                  > This means that you have configured:
                  >
                  > something = something permit reject_rbl_client something
                  >
                  > As documented, evaluation stops at permit. Therefore, reject_rbl_client
                  > is ignored.

                  Thank you. Does that mean I need to put the something = something before permit? Note I just posted some log entries and postconf -n.

                  -Bob

                  Bob Cohen
                  Writer, Internet Consultant, Teacher
                  w: bobjcohen.com
                  t: #itsabobworld
                • Reindl Harald
                  ... logically yes how do you imagine that anything does something after permit took action?
                  Message 8 of 15 , Jan 26, 2013
                  • 0 Attachment
                    Am 26.01.2013 19:13, schrieb Bob Cohen:
                    >
                    > On Jan 26, 2013, at 1:00 PM, Wietse Venema <wietse@...> wrote:
                    >
                    >> Bob Cohen:
                    >>> Follows are several maillog entries. I'm not clear on how to read them.
                    >>>
                    >>> warning: restriction `reject_rbl_client' after `permit' is ignored
                    >>
                    >> This means that you have configured:
                    >>
                    >> something = something permit reject_rbl_client something
                    >>
                    >> As documented, evaluation stops at permit. Therefore, reject_rbl_client
                    >> is ignored.
                    >
                    > Thank you. Does that mean I need to put the something = something before permit?

                    logically yes

                    how do you imagine that anything does something after "permit" took action?
                  • Viktor Dukhovni
                    ... Postfix is *issuing* the warning, it takes a flight of fancy to think Postfix is ignoring the warning. When Postfix warns you that: thing Y after [thing]
                    Message 9 of 15 , Jan 26, 2013
                    • 0 Attachment
                      On Sat, Jan 26, 2013 at 12:25:00PM -0500, Bob Cohen wrote:

                      > Follows are several maillog entries. I'm not clear on how to read them.
                      >
                      > warning: restriction `reject_rbl_client' after `permit' is ignored
                      >
                      > Does this mean, Postfix rejected an email based on the
                      > reject_rbl_client rule, which was placed in the main.cf after the
                      > permit. And, Postfix is ignoring the warning?

                      Postfix is *issuing* the warning, it takes a flight of fancy to
                      think Postfix is ignoring the warning. When Postfix warns you that:

                      "thing Y after [thing] X is ignored"

                      it means what it says: Thing Y which occurs after thing X is [always]
                      ignored. Therefore, a configuration with thing Y after thing X is
                      likely the result of confusion or a careless error.

                      In this case confusion. Restrictions are evaluated in order, don't
                      modify Postfix restrictions until you understand how they work.

                      Perhaps this will help:

                      http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt

                      DO NOT parrot any of the specific examples in the guide, rather
                      read it ONLY for its explanation of how restrictions work, using
                      the specific examples only to help you understand the general rules.
                      The explanator material starts with:

                      General Notes On "hostname," "helo," "client," "sender"
                      and "recipient" Access Lists and Restrictions

                      and especially the section:

                      Understanding The Order In Which SMTPD Restrictions Are Applied

                      --
                      Viktor.
                    • Wietse Venema
                      ... No. It means you should read documentation instead seeking well-known answers on the mailing list. Start with these:
                      Message 10 of 15 , Jan 26, 2013
                      • 0 Attachment
                        Bob Cohen:
                        >
                        > On Jan 26, 2013, at 1:00 PM, Wietse Venema <wietse@...> wrote:
                        >
                        > > Bob Cohen:
                        > >> Follows are several maillog entries. I'm not clear on how to read them.
                        > >>
                        > >> warning: restriction `reject_rbl_client' after `permit' is ignored
                        > >
                        > > This means that you have configured:
                        > >
                        > > something = something permit reject_rbl_client something
                        > >
                        > > As documented, evaluation stops at permit. Therefore, reject_rbl_client
                        > > is ignored.
                        >
                        > Thank you. Does that mean I need to put the something = something
                        > before permit? Note I just posted some log entries and postconf

                        No. It means you should read documentation instead
                        seeking well-known answers on the mailing list.

                        Start with these:
                        http://www.postfix.org/BASIC_CONFIGURATION_README.html
                        http://www.postfix.org/SMTPD_ACCESS_README.html

                        and follow the hyperlinks.

                        Wietse
                      • Bob Cohen
                        ... Thank you. Sorry if I violated list etiquette. It s hard for a ham and egger like me to know what is or isn t common knowledge. Bob Cohen Writer, Internet
                        Message 11 of 15 , Jan 26, 2013
                        • 0 Attachment
                          On Jan 26, 2013, at 5:05 PM, Wietse Venema <wietse@...> wrote:

                          > No. It means you should read documentation instead
                          > seeking well-known answers on the mailing list.


                          Thank you. Sorry if I violated list etiquette. It's hard for a ham and egger like me to know what is or isn't common knowledge.

                          Bob Cohen
                          Writer, Internet Consultant, Teacher
                          w: bobjcohen.com
                          t: #itsabobworld
                        • Ralf Hildebrandt
                          ... No. Everything after permit is ignored. ... Again, you seem to have something like: ... stuff ... permit ... more stuff ... in your restrictions. more
                          Message 12 of 15 , Jan 28, 2013
                          • 0 Attachment
                            * Bob Cohen <bob@...>:
                            > Follows are several maillog entries. I'm not clear on how to read them.
                            >
                            > warning: restriction `reject_rbl_client' after `permit' is ignored


                            > Does this mean, Postfix rejected an email based on the
                            > reject_rbl_client rule, which was placed in the main.cf after the
                            > permit. And, Postfix is ignoring the warning?

                            No. Everything after permit is ignored.

                            > warning: restriction `warn_if_reject' after `permit' is ignored

                            Again, you seem to have something like:

                            ... stuff ...
                            permit
                            ... more stuff ...

                            in your restrictions. "more stuff" will be ignored.

                            --
                            [*] sys4 AG

                            http://sys4.de, +49 (89) 30 90 46 64
                            Franziskanerstraße 15, 81669 München

                            Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
                            Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
                            Aufsichtsratsvorsitzender: Joerg Heidrich
                          Your message has been successfully submitted and would be delivered to recipients shortly.