some questions about my postfix config

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
14 messages Options
Reply | Threaded
Open this post in threaded view
|

some questions about my postfix config

David Ballano
Hello people,

I have some questions for you,

I configured postfix with virtual domains and unix accounts, also I
configured sasl2 with pam (saslauthd) and tls with my own keys.

all seems to work, but there are some questions I can't find.


- where can I see what type of mech I'am using to authenticate? I
think is plain but..

also when I sent an email to  my server (unix account ) I can see that (
using outlook to send an email to my server.)

Sep 22 13:51:55 orion postfix/smtpd[9636]: connect from unknown[84.78.228.193]
Sep 22 13:51:55 orion postfix/smtpd[9636]: setting up TLS connection
from unknown[84.78.228.193]
Sep 22 13:51:56 orion postfix/smtpd[9636]: TLS connection established
from unknown[84.78.228.193]: TLSv1 with cipher RC4-MD5 (128/128 bits)
Sep 22 13:51:57 orion postfix/smtpd[9636]: warning: SASL
authentication failure: incorrect NTLM response
Sep 22 13:51:57 orion postfix/smtpd[9636]: warning:
unknown[84.78.228.193]: SASL NTLM authentication failed:
authentication failure
Sep 22 13:51:58 orion postfix/smtpd[9636]: 1D38F27B8089:
client=unknown[84.78.228.193], sasl_method=NTLM,
sasl_username=[hidden email]
Sep 22 13:51:58 orion postfix/cleanup[9643]: 1D38F27B8089:
message-id=<000d01c91cd2$0d5abc90$0201a8c0@ebd0f82afec14bc>
Sep 22 13:51:58 orion postfix/qmgr[30190]: 1D38F27B8089:
from=<[hidden email]>, size=1532, nrcpt=1 (queue active)
Sep 22 13:51:58 orion postfix/local[9644]: 1D38F27B8089:
to=<[hidden email]>, orig_to=<[hidden email]>,
relay=local, delay=0.92, delays=0.92/0/0/0.01, dsn=2.0.0, status=sent
(delivered to mailbox)
Sep 22 13:51:58 orion postfix/qmgr[30190]: 1D38F27B8089: removed
Sep 22 13:51:59 orion postfix/smtpd[9636]: disconnect from
unknown[84.78.228.193]

there are some things that I can't understand

warning: unknown[84.78.228.193]: SASL NTLM authentication failed:
authentication failure

why failed? but it works.

1D38F27B8089: to=<[hidden email]>,
orig_to=<[hidden email]>, relay=local, delay=0.92,
delays=0.92/0/0/0.01, dsn=2.0.0, status=sent (delivered to mailbox)

why "to:" is diferent from "orig_to", is because the account is local??

is all of that normal?


here you have  my postconf -n

orion:~# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
inet_interfaces = all
mailbox_size_limit = 0
mydestination = orion.ballano.net, localhost.ballano.net, localhost
myhostname = orion.ballano.net
mynetworks = 127.0.0.0/8
recipient_delimiter = +
relayhost =
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP (Microsoft Exchange)
smtpd_recipient_restrictions = reject_non_fqdn_sender,
reject_non_fqdn_recipient, permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = ballano.net
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/cert.pem
smtpd_tls_key_file = /etc/ssl/certs/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
virtual_alias_domains = ballano.net
virtual_alias_maps = hash:/etc/postfix/virtual

and what I see if I connect throught telnet

220 orion.ballano.net ESMTP (Microsoft Exchange)
ehlo ballano.net
250-orion.ballano.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
Reply | Threaded
Open this post in threaded view
|

Fwd: some questions about my postfix config

David Ballano
sorry I didn't say thanks for your help!!!
:)

Hello people,

I have some questions for you,

I configured postfix with virtual domains and unix accounts, also I
configured sasl2 with pam (saslauthd) and tls with my own keys.

all seems to work, but there are some questions I can't find.


- where can I see what type of mech I'am using to authenticate? I
think is plain but..

also when I sent an email to  my server (unix account ) I can see that (
using outlook to send an email to my server.)

Sep 22 13:51:55 orion postfix/smtpd[9636]: connect from unknown[84.78.228.193]
Sep 22 13:51:55 orion postfix/smtpd[9636]: setting up TLS connection
from unknown[84.78.228.193]
Sep 22 13:51:56 orion postfix/smtpd[9636]: TLS connection established
from unknown[84.78.228.193]: TLSv1 with cipher RC4-MD5 (128/128 bits)
Sep 22 13:51:57 orion postfix/smtpd[9636]: warning: SASL
authentication failure: incorrect NTLM response
Sep 22 13:51:57 orion postfix/smtpd[9636]: warning:
unknown[84.78.228.193]: SASL NTLM authentication failed:
authentication failure
Sep 22 13:51:58 orion postfix/smtpd[9636]: 1D38F27B8089:
client=unknown[84.78.228.193], sasl_method=NTLM,
sasl_username=[hidden email]
Sep 22 13:51:58 orion postfix/cleanup[9643]: 1D38F27B8089:
message-id=<000d01c91cd2$0d5abc90$0201a8c0@ebd0f82afec14bc>
Sep 22 13:51:58 orion postfix/qmgr[30190]: 1D38F27B8089:
from=<[hidden email]>, size=1532, nrcpt=1 (queue active)
Sep 22 13:51:58 orion postfix/local[9644]: 1D38F27B8089:
to=<[hidden email]>, orig_to=<[hidden email]>,
relay=local, delay=0.92, delays=0.92/0/0/0.01, dsn=2.0.0, status=sent
(delivered to mailbox)
Sep 22 13:51:58 orion postfix/qmgr[30190]: 1D38F27B8089: removed
Sep 22 13:51:59 orion postfix/smtpd[9636]: disconnect from
unknown[84.78.228.193]

there are some things that I can't understand

warning: unknown[84.78.228.193]: SASL NTLM authentication failed:
authentication failure

why failed? but it works.

1D38F27B8089: to=<[hidden email]>,
orig_to=<[hidden email]>, relay=local, delay=0.92,
delays=0.92/0/0/0.01, dsn=2.0.0, status=sent (delivered to mailbox)

why "to:" is diferent from "orig_to", is because the account is local??

is all of that normal?


here you have  my postconf -n

orion:~# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
inet_interfaces = all
mailbox_size_limit = 0
mydestination = orion.ballano.net, localhost.ballano.net, localhost
myhostname = orion.ballano.net
mynetworks = 127.0.0.0/8
recipient_delimiter = +
relayhost =
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP (Microsoft Exchange)
smtpd_recipient_restrictions = reject_non_fqdn_sender,
reject_non_fqdn_recipient, permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = ballano.net
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/cert.pem
smtpd_tls_key_file = /etc/ssl/certs/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
virtual_alias_domains = ballano.net
virtual_alias_maps = hash:/etc/postfix/virtual

and what I see if I connect throught telnet

220 orion.ballano.net ESMTP (Microsoft Exchange)
ehlo ballano.net
250-orion.ballano.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
Reply | Threaded
Open this post in threaded view
|

Re: some questions about my postfix config

Brian Evans - Postfix List
In reply to this post by David Ballano
David Ballano wrote:

> Hello people,
>
> I have some questions for you,
>
> I configured postfix with virtual domains and unix accounts, also I
> configured sasl2 with pam (saslauthd) and tls with my own keys.
>
> all seems to work, but there are some questions I can't find.
>
>
> - where can I see what type of mech I'am using to authenticate? I
> think is plain but..
>  

http://www.postfix.org/DEBUG_README.html#mail and grab saslfinger to
help debug.

> also when I sent an email to  my server (unix account ) I can see that (
> using outlook to send an email to my server.)
>
> Sep 22 13:51:55 orion postfix/smtpd[9636]: connect from unknown[84.78.228.193]
> Sep 22 13:51:55 orion postfix/smtpd[9636]: setting up TLS connection
> from unknown[84.78.228.193]
> Sep 22 13:51:56 orion postfix/smtpd[9636]: TLS connection established
> from unknown[84.78.228.193]: TLSv1 with cipher RC4-MD5 (128/128 bits)
> Sep 22 13:51:57 orion postfix/smtpd[9636]: warning: SASL
> authentication failure: incorrect NTLM response
> Sep 22 13:51:57 orion postfix/smtpd[9636]: warning:
> unknown[84.78.228.193]: SASL NTLM authentication failed:
> authentication failure
> Sep 22 13:51:58 orion postfix/smtpd[9636]: 1D38F27B8089:
> client=unknown[84.78.228.193], sasl_method=NTLM,
> sasl_username=[hidden email]
> Sep 22 13:51:58 orion postfix/cleanup[9643]: 1D38F27B8089:
> message-id=<000d01c91cd2$0d5abc90$0201a8c0@ebd0f82afec14bc>
> Sep 22 13:51:58 orion postfix/qmgr[30190]: 1D38F27B8089:
> from=<[hidden email]>, size=1532, nrcpt=1 (queue active)
> Sep 22 13:51:58 orion postfix/local[9644]: 1D38F27B8089:
> to=<[hidden email]>, orig_to=<[hidden email]>,
> relay=local, delay=0.92, delays=0.92/0/0/0.01, dsn=2.0.0, status=sent
> (delivered to mailbox)
> Sep 22 13:51:58 orion postfix/qmgr[30190]: 1D38F27B8089: removed
> Sep 22 13:51:59 orion postfix/smtpd[9636]: disconnect from
> unknown[84.78.228.193]
>
> there are some things that I can't understand
>
> warning: unknown[84.78.228.193]: SASL NTLM authentication failed:
> authentication failure
>
> why failed? but it works.
>  

This means the AUTH failed but the client passed another restriction
(most likely was an authorized destination).
> 1D38F27B8089: to=<[hidden email]>,
> orig_to=<[hidden email]>, relay=local, delay=0.92,
> delays=0.92/0/0/0.01, dsn=2.0.0, status=sent (delivered to mailbox)
>
> why "to:" is diferent from "orig_to", is because the account is local??
>
> is all of that normal?
>  

This is because a (virtual_|)alias_maps match was found.
> smtpd_banner = $myhostname ESMTP (Microsoft Exchange)
>  

Why lie? No one will ever care.

Brian

Reply | Threaded
Open this post in threaded view
|

Re: some questions about my postfix config

Noel Jones-2
In reply to this post by David Ballano
David Ballano wrote:

>
> - where can I see what type of mech I'am using to authenticate? I
> think is plain but..
>
> also when I sent an email to  my server (unix account ) I can see that (
> using outlook to send an email to my server.)
>
> Sep 22 13:51:55 orion postfix/smtpd[9636]: connect from unknown[84.78.228.193]
> Sep 22 13:51:55 orion postfix/smtpd[9636]: setting up TLS connection
> from unknown[84.78.228.193]
> Sep 22 13:51:56 orion postfix/smtpd[9636]: TLS connection established
> from unknown[84.78.228.193]: TLSv1 with cipher RC4-MD5 (128/128 bits)

TLS connection established.

> Sep 22 13:51:57 orion postfix/smtpd[9636]: warning: SASL
> authentication failure: incorrect NTLM response

auth NTLM failed.

> Sep 22 13:51:57 orion postfix/smtpd[9636]: warning:
> unknown[84.78.228.193]: SASL NTLM authentication failed:
> authentication failure

AUTH NTLM failed again.

> Sep 22 13:51:58 orion postfix/smtpd[9636]: 1D38F27B8089:
> client=unknown[84.78.228.193], sasl_method=NTLM,
> sasl_username=[hidden email]

AUTH NTLM succeeded.
No, I don't know why it failed before it worked, but it did
work eventually.
If you're curious what the client sent, get a network capture.

"sasl_method=NTLM" shows the authentication mech used.
"sasl_username=[hidden email]" shows the username used.
The existence of these entries proves that AUTH was successful.


> Sep 22 13:51:58 orion postfix/local[9644]: 1D38F27B8089:
> to=<[hidden email]>, orig_to=<[hidden email]>,
> relay=local, delay=0.92, delays=0.92/0/0/0.01, dsn=2.0.0, status=sent
> (delivered to mailbox)

This is reasonable, but maybe not what you intended.
Probably a virtual_alias_maps entry causes the recipient to be
rewritten.  You can add -v to the master.cf "cleanup" service
to see what rewrites the address.  Or just look in your
virtual table.

> here you have  my postconf -n
>
> orion:~# postconf -n
> mailbox_size_limit = 0

This is unwise.  Set some kind of limit.

> mydestination = orion.ballano.net, localhost.ballano.net, localhost
> myhostname = orion.ballano.net
> mynetworks = 127.0.0.0/8
> smtpd_banner = $myhostname ESMTP (Microsoft Exchange)

This won't fool anyone.  But if it makes you feel better, OK.

--
Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: some questions about my postfix config

David Ballano
2008/9/22 Noel Jones <[hidden email]>:

> David Ballano wrote:
>>
>> - where can I see what type of mech I'am using to authenticate? I
>> think is plain but..
>>
>> also when I sent an email to  my server (unix account ) I can see that (
>> using outlook to send an email to my server.)
>>
>> Sep 22 13:51:55 orion postfix/smtpd[9636]: connect from
>> unknown[84.78.228.193]
>> Sep 22 13:51:55 orion postfix/smtpd[9636]: setting up TLS connection
>> from unknown[84.78.228.193]
>> Sep 22 13:51:56 orion postfix/smtpd[9636]: TLS connection established
>> from unknown[84.78.228.193]: TLSv1 with cipher RC4-MD5 (128/128 bits)
>
> TLS connection established.
>
>> Sep 22 13:51:57 orion postfix/smtpd[9636]: warning: SASL
>> authentication failure: incorrect NTLM response
>
> auth NTLM failed.
>
>> Sep 22 13:51:57 orion postfix/smtpd[9636]: warning:
>> unknown[84.78.228.193]: SASL NTLM authentication failed:
>> authentication failure
>
> AUTH NTLM failed again.
>
>> Sep 22 13:51:58 orion postfix/smtpd[9636]: 1D38F27B8089:
>> client=unknown[84.78.228.193], sasl_method=NTLM,
>> sasl_username=[hidden email]
>
> AUTH NTLM succeeded.
> No, I don't know why it failed before it worked, but it did work eventually.
> If you're curious what the client sent, get a network capture.
>
> "sasl_method=NTLM" shows the authentication mech used.
> "sasl_username=[hidden email]" shows the username used.
> The existence of these entries proves that AUTH was successful.
>
>
>> Sep 22 13:51:58 orion postfix/local[9644]: 1D38F27B8089:
>> to=<[hidden email]>, orig_to=<[hidden email]>,
>> relay=local, delay=0.92, delays=0.92/0/0/0.01, dsn=2.0.0, status=sent
>> (delivered to mailbox)
>
> This is reasonable, but maybe not what you intended.
> Probably a virtual_alias_maps entry causes the recipient to be rewritten.
>  You can add -v to the master.cf "cleanup" service to see what rewrites the
> address.  Or just look in your virtual table.
>
>> here you have  my postconf -n
>>
>> orion:~# postconf -n
>> mailbox_size_limit = 0
>
> This is unwise.  Set some kind of limit.
>
>> mydestination = orion.ballano.net, localhost.ballano.net, localhost
>> myhostname = orion.ballano.net
>> mynetworks = 127.0.0.0/8
>> smtpd_banner = $myhostname ESMTP (Microsoft Exchange)
>
> This won't fool anyone.  But if it makes you feel better, OK.
>
> --
> Noel Jones
>

Hello,

I added -v to the smtpd, it's just incredible...


Sep 22 15:15:28 orion postfix/smtpd[25753]: send attr request = policy
Sep 22 15:15:28 orion postfix/smtpd[25753]: send attr cache_type = smtpd
Sep 22 15:15:28 orion postfix/smtpd[25753]: private/tlsmgr: wanted
attribute: status
Sep 22 15:15:28 orion postfix/smtpd[25753]: input attribute name: status
Sep 22 15:15:28 orion postfix/smtpd[25753]: input attribute value: 0
Sep 22 15:15:28 orion postfix/smtpd[25753]: private/tlsmgr: wanted
attribute: cachable
Sep 22 15:15:28 orion postfix/smtpd[25753]: input attribute name: cachable
Sep 22 15:15:28 orion postfix/smtpd[25753]: input attribute value: 0
Sep 22 15:15:28 orion postfix/smtpd[25753]: private/tlsmgr: wanted
attribute: (list terminator)
Sep 22 15:15:28 orion postfix/smtpd[25753]: input attribute name: (end)
Sep 22 15:15:28 orion postfix/smtpd[25753]: match_string:
fast_flush_domains ~? debug_peer_list
Sep 22 15:15:28 orion postfix/smtpd[25753]: match_string:
fast_flush_domains ~? fast_flush_domains
Sep 22 15:15:28 orion postfix/smtpd[25753]: auto_clnt_create:
transport=local endpoint=private/anvil
Sep 22 15:15:28 orion postfix/smtpd[25753]: connection established
Sep 22 15:15:28 orion postfix/smtpd[25753]: master_notify: status 0
Sep 22 15:15:28 orion postfix/smtpd[25753]: name_mask: resource
Sep 22 15:15:28 orion postfix/smtpd[25753]: name_mask: software
Sep 22 15:15:28 orion postfix/smtpd[25753]: xsasl_cyrus_server_create:
SASL service=smtp, realm=ballano.net
Sep 22 15:15:28 orion postfix/smtpd[25753]: name_mask: noanonymous
Sep 22 15:15:28 orion postfix/smtpd[25753]: connect from unknown[84.78.228.193]
Sep 22 15:15:28 orion postfix/smtpd[25753]: match_list_match: unknown: no match
Sep 22 15:15:28 orion postfix/smtpd[25753]: match_list_match:
84.78.228.193: no match
Sep 22 15:15:28 orion postfix/smtpd[25753]: match_list_match: unknown: no match
Sep 22 15:15:28 orion postfix/smtpd[25753]: match_list_match:
84.78.228.193: no match
Sep 22 15:15:28 orion postfix/smtpd[25753]: match_hostname: unknown ~?
127.0.0.0/8
Sep 22 15:15:28 orion postfix/smtpd[25753]: match_hostaddr:
84.78.228.193 ~? 127.0.0.0/8
Sep 22 15:15:28 orion postfix/smtpd[25753]: match_list_match: unknown: no match
Sep 22 15:15:28 orion postfix/smtpd[25753]: match_list_match:
84.78.228.193: no match
Sep 22 15:15:28 orion postfix/smtpd[25753]: auto_clnt_open: connected
to private/anvil
Sep 22 15:15:28 orion postfix/smtpd[25753]: send attr request = connect
Sep 22 15:15:28 orion postfix/smtpd[25753]: send attr ident = smtp:84.78.228.193
Sep 22 15:15:28 orion postfix/smtpd[25753]: private/anvil: wanted
attribute: status
Sep 22 15:15:28 orion postfix/smtpd[25753]: input attribute name: status
Sep 22 15:15:28 orion postfix/smtpd[25753]: input attribute value: 0
Sep 22 15:15:28 orion postfix/smtpd[25753]: private/anvil: wanted
attribute: count
Sep 22 15:15:28 orion postfix/smtpd[25753]: input attribute name: count
Sep 22 15:15:28 orion postfix/smtpd[25753]: input attribute value: 1
Sep 22 15:15:28 orion postfix/smtpd[25753]: private/anvil: wanted
attribute: rate
Sep 22 15:15:28 orion postfix/smtpd[25753]: input attribute name: rate
Sep 22 15:15:28 orion postfix/smtpd[25753]: input attribute value: 1
Sep 22 15:15:28 orion postfix/smtpd[25753]: private/anvil: wanted
attribute: (list terminator)
Sep 22 15:15:28 orion postfix/smtpd[25753]: input attribute name: (end)
Sep 22 15:15:28 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
220 orion.ballano.net ESMTP (Microsoft Exchange)
Sep 22 15:15:28 orion postfix/smtpd[25753]: < unknown[84.78.228.193]:
EHLO ebd0f82afec14bc
Sep 22 15:15:28 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250-orion.ballano.net
Sep 22 15:15:28 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250-PIPELINING
Sep 22 15:15:28 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250-SIZE 10240000
Sep 22 15:15:28 orion postfix/smtpd[25753]: > unknown[84.78.228.193]: 250-VRFY
Sep 22 15:15:28 orion postfix/smtpd[25753]: > unknown[84.78.228.193]: 250-ETRN
Sep 22 15:15:28 orion postfix/smtpd[25753]: match_list_match: unknown: no match
Sep 22 15:15:28 orion postfix/smtpd[25753]: match_list_match:
84.78.228.193: no match
Sep 22 15:15:28 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250-STARTTLS
Sep 22 15:15:28 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250-ENHANCEDSTATUSCODES
Sep 22 15:15:28 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250-8BITMIME
Sep 22 15:15:28 orion postfix/smtpd[25753]: > unknown[84.78.228.193]: 250 DSN
Sep 22 15:15:29 orion postfix/smtpd[25753]: < unknown[84.78.228.193]: STARTTLS
Sep 22 15:15:29 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
220 2.0.0 Ready to start TLS
Sep 22 15:15:29 orion postfix/smtpd[25753]: setting up TLS connection
from unknown[84.78.228.193]
Sep 22 15:15:29 orion postfix/smtpd[25753]: send attr request = seed
Sep 22 15:15:29 orion postfix/smtpd[25753]: send attr size = 32
Sep 22 15:15:29 orion postfix/smtpd[25753]: private/tlsmgr: wanted
attribute: status
Sep 22 15:15:29 orion postfix/smtpd[25753]: input attribute name: status
Sep 22 15:15:29 orion postfix/smtpd[25753]: input attribute value: 0
Sep 22 15:15:29 orion postfix/smtpd[25753]: private/tlsmgr: wanted
attribute: seed
Sep 22 15:15:29 orion postfix/smtpd[25753]: input attribute name: seed
Sep 22 15:15:29 orion postfix/smtpd[25753]: input attribute value:
JhH0Mrto2NAiB7i9b18X+3L6bA7qt0mCj96e4SGjc8Y=
Sep 22 15:15:29 orion postfix/smtpd[25753]: private/tlsmgr: wanted
attribute: (list terminator)
Sep 22 15:15:29 orion postfix/smtpd[25753]: input attribute name: (end)
Sep 22 15:15:29 orion postfix/smtpd[25753]: TLS connection established
from unknown[84.78.228.193]: TLSv1 with cipher RC4-MD5 (128/128 bits)
Sep 22 15:15:29 orion postfix/smtpd[25753]: < unknown[84.78.228.193]:
EHLO ebd0f82afec14bc
Sep 22 15:15:29 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250-orion.ballano.net
Sep 22 15:15:29 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250-PIPELINING
Sep 22 15:15:29 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250-SIZE 10240000
Sep 22 15:15:29 orion postfix/smtpd[25753]: > unknown[84.78.228.193]: 250-VRFY
Sep 22 15:15:29 orion postfix/smtpd[25753]: > unknown[84.78.228.193]: 250-ETRN
Sep 22 15:15:29 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250-AUTH NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
Sep 22 15:15:29 orion postfix/smtpd[25753]: match_list_match: unknown: no match
Sep 22 15:15:29 orion postfix/smtpd[25753]: match_list_match:
84.78.228.193: no match
Sep 22 15:15:29 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250-AUTH=NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
Sep 22 15:15:29 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250-ENHANCEDSTATUSCODES
Sep 22 15:15:29 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250-8BITMIME
Sep 22 15:15:29 orion postfix/smtpd[25753]: > unknown[84.78.228.193]: 250 DSN
Sep 22 15:15:30 orion postfix/smtpd[25753]: < unknown[84.78.228.193]: AUTH NTLM
Sep 22 15:15:30 orion postfix/smtpd[25753]: xsasl_cyrus_server_first:
sasl_method NTLM
Sep 22 15:15:30 orion postfix/smtpd[25753]:
xsasl_cyrus_server_auth_response: uncoded server challenge:
Sep 22 15:15:30 orion postfix/smtpd[25753]: > unknown[84.78.228.193]: 334
Sep 22 15:15:30 orion postfix/smtpd[25753]: < unknown[84.78.228.193]:
TlRMTVNTUAABAAAAB7IIog0ADQA3AAAADwAPACgAAAAFASgKAAAAD0VCRDBGODJBRkVDMTRCQ0dSVVBPX1RSQUJ
BSk8=
Sep 22 15:15:30 orion postfix/smtpd[25753]: xsasl_cyrus_server_next:
decoded response: NTLMSSP
Sep 22 15:15:30 orion postfix/smtpd[25753]:
xsasl_cyrus_server_auth_response: uncoded server challenge: NTLMSSP
Sep 22 15:15:30 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
334 TlRMTVNTUAACAAAAIgAiADAAAAAFsgIAzHOvNucU2GkAAAAAAAAAAAAAAAAAAAAATwBSAEkATwBOAC4AQgB
BAEwATABBAE4ATwAuAE4ARQBUAA==
Sep 22 15:15:30 orion postfix/smtpd[25753]: < unknown[84.78.228.193]:
TlRMTVNTUAADAAAAGAAYAI4AAAAYABgApgAAAB4AHgBIAAAACgAKAGYAAAAeAB4AcAAAAAAAAAC+AAAABYIAAgU
BKAoAAAAPRQBCAEQAMABGADgAMgBBAEYARQBDADEANABCAEMAZABhAHYAaQBkAEUAQgBEADAARgA4ADIAQQBGAEUAQwAxADQAQgBDAHYDMsAv+yfys8MtwnbcwPSukYZM1rrBDdMIDHOSmpZP5jJeLhkDf2MC
MAlkrWF9ng==
Sep 22 15:15:30 orion postfix/smtpd[25753]: xsasl_cyrus_server_next:
decoded response: NTLMSSP
Sep 22 15:15:30 orion postfix/smtpd[25753]: warning: SASL
authentication failure: incorrect NTLM response
Sep 22 15:15:30 orion postfix/smtpd[25753]: warning:
unknown[84.78.228.193]: SASL NTLM authentication failed:
authentication failure
Sep 22 15:15:30 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
535 5.7.0 Error: authentication failed: authentication failure
Sep 22 15:15:30 orion postfix/smtpd[25753]: < unknown[84.78.228.193]: AUTH NTLM
Sep 22 15:15:30 orion postfix/smtpd[25753]: xsasl_cyrus_server_first:
sasl_method NTLM
Sep 22 15:15:30 orion postfix/smtpd[25753]:
xsasl_cyrus_server_auth_response: uncoded server challenge:
Sep 22 15:15:30 orion postfix/smtpd[25753]: > unknown[84.78.228.193]: 334
Sep 22 15:15:31 orion postfix/smtpd[25753]: < unknown[84.78.228.193]:
TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw==
Sep 22 15:15:31 orion postfix/smtpd[25753]: xsasl_cyrus_server_next:
decoded response: NTLMSSP
Sep 22 15:15:31 orion postfix/smtpd[25753]:
xsasl_cyrus_server_auth_response: uncoded server challenge: NTLMSSP
Sep 22 15:15:31 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
334 TlRMTVNTUAACAAAAIgAiADAAAAAFggIAw9dD9yPBwEEAAAAAAAAAAAAAAAAAAAAATwBSAEkATwBOAC4AQgB
BAEwATABBAE4ATwAuAE4ARQBUAA==
Sep 22 15:15:31 orion postfix/smtpd[25753]: < unknown[84.78.228.193]:
TlRMTVNTUAADAAAAGAAYAHAAAAAYABgAiAAAAAAAAABIAAAACgAKAEgAAAAeAB4AUgAAAAAAAACgAAAABYIAAgU
BKAoAAAAPZABhAHYAaQBkAEUAQgBEADAARgA4ADIAQQBGAEUAQwAxADQAQgBDAAe74MtDWoQBP1IYn0nQh/VwZdgGCcbWC9bYxs71d2T4qL9HKG3RMZoVIxK8045pqQ==
Sep 22 15:15:31 orion postfix/smtpd[25753]: xsasl_cyrus_server_next:
decoded response: NTLMSSP
Sep 22 15:15:31 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
235 2.0.0 Authentication successful
Sep 22 15:15:32 orion postfix/smtpd[25753]: < unknown[84.78.228.193]:
MAIL FROM: <[hidden email]>
Sep 22 15:15:32 orion postfix/smtpd[25753]: extract_addr: input:
<[hidden email]>
Sep 22 15:15:32 orion postfix/smtpd[25753]: smtpd_check_addr:
addr=[hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: connect to subsystem private/rewrite
Sep 22 15:15:32 orion postfix/smtpd[25753]: send attr request = rewrite
Sep 22 15:15:32 orion postfix/smtpd[25753]: send attr rule = local
Sep 22 15:15:32 orion postfix/smtpd[25753]: send attr address =
[hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: private/rewrite socket:
wanted attribute: flags
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute name: flags
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute value: 0
Sep 22 15:15:32 orion postfix/smtpd[25753]: private/rewrite socket:
wanted attribute: address
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute name: address
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute value:
[hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: private/rewrite socket:
wanted attribute: (list terminator)
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute name: (end)
Sep 22 15:15:32 orion postfix/smtpd[25753]: rewrite_clnt: local:
[hidden email] -> [hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: send attr request = resolve
Sep 22 15:15:32 orion postfix/smtpd[25753]: send attr sender =
Sep 22 15:15:32 orion postfix/smtpd[25753]: send attr address =
[hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: private/rewrite socket:
wanted attribute: flags
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute name: flags
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute value: 0
Sep 22 15:15:32 orion postfix/smtpd[25753]: private/rewrite socket:
wanted attribute: transport
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute name: transport
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute value: error
Sep 22 15:15:32 orion postfix/smtpd[25753]: private/rewrite socket:
wanted attribute: nexthop
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute name: nexthop
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute value:
User unknown in virtual alias table
Sep 22 15:15:32 orion postfix/smtpd[25753]: private/rewrite socket:
wanted attribute: recipient
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute name: recipient
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute value:
[hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: private/rewrite socket:
wanted attribute: flags
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute name: flags
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute value: 512
Sep 22 15:15:32 orion postfix/smtpd[25753]: private/rewrite socket:
wanted attribute: (list terminator)
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute name: (end)
Sep 22 15:15:32 orion postfix/smtpd[25753]: resolve_clnt: `' ->
`[hidden email]' -> transp=`error' host=`User unknown in virtual
alias table' rcpt=`david@
ballano.net' flags= class=alias
Sep 22 15:15:32 orion postfix/smtpd[25753]: ctable_locate: install
entry key [hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: extract_addr: in:
<[hidden email]>, result: [hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: fsspace: .: block size
4096, blocks free 10071858
Sep 22 15:15:32 orion postfix/smtpd[25753]: smtpd_check_queue: blocks
4096 avail 10071858 min_free 0 msg_size_limit 10240000
Sep 22 15:15:32 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250 2.1.0 Ok
Sep 22 15:15:32 orion postfix/smtpd[25753]: < unknown[84.78.228.193]:
RCPT TO: <[hidden email]>
Sep 22 15:15:32 orion postfix/smtpd[25753]: extract_addr: input:
<[hidden email]>
Sep 22 15:15:32 orion postfix/smtpd[25753]: smtpd_check_addr:
addr=[hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: ctable_locate: leave
existing entry key [hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: extract_addr: in:
<[hidden email]>, result: [hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: send attr request = rewrite
Sep 22 15:15:32 orion postfix/smtpd[25753]: send attr rule = local
Sep 22 15:15:32 orion postfix/smtpd[25753]: send attr address = postmaster
Sep 22 15:15:32 orion postfix/smtpd[25753]: private/rewrite socket:
wanted attribute: flags
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute name: flags
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute value: 0
Sep 22 15:15:32 orion postfix/smtpd[25753]: private/rewrite socket:
wanted attribute: address
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute name: address
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute value:
[hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: private/rewrite socket:
wanted attribute: (list terminator)
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute name: (end)
Sep 22 15:15:32 orion postfix/smtpd[25753]: rewrite_clnt: local:
postmaster -> [hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: >>> START Recipient
address RESTRICTIONS <<<
Sep 22 15:15:32 orion postfix/smtpd[25753]: generic_checks:
name=reject_non_fqdn_sender
Sep 22 15:15:32 orion postfix/smtpd[25753]: reject_non_fqdn_address:
[hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: generic_checks:
name=reject_non_fqdn_sender status=0
Sep 22 15:15:32 orion postfix/smtpd[25753]: generic_checks:
name=reject_non_fqdn_recipient
Sep 22 15:15:32 orion postfix/smtpd[25753]: reject_non_fqdn_address:
[hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: generic_checks:
name=reject_non_fqdn_recipient status=0
Sep 22 15:15:32 orion postfix/smtpd[25753]: generic_checks:
name=permit_mynetworks
Sep 22 15:15:32 orion postfix/smtpd[25753]: permit_mynetworks: unknown
84.78.228.193
Sep 22 15:15:32 orion postfix/smtpd[25753]: match_hostname: unknown ~?
127.0.0.0/8
Sep 22 15:15:32 orion postfix/smtpd[25753]: match_hostaddr:
84.78.228.193 ~? 127.0.0.0/8
Sep 22 15:15:32 orion postfix/smtpd[25753]: match_list_match: unknown: no match
Sep 22 15:15:32 orion postfix/smtpd[25753]: match_list_match:
84.78.228.193: no match
Sep 22 15:15:32 orion postfix/smtpd[25753]: generic_checks:
name=permit_mynetworks status=0
Sep 22 15:15:32 orion postfix/smtpd[25753]: generic_checks:
name=permit_sasl_authenticated
Sep 22 15:15:32 orion postfix/smtpd[25753]: generic_checks:
name=permit_sasl_authenticated status=1
Sep 22 15:15:32 orion postfix/smtpd[25753]: >>> CHECKING RECIPIENT MAPS <<<
Sep 22 15:15:32 orion postfix/smtpd[25753]: ctable_locate: leave
existing entry key [hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: maps_find:
recipient_canonical_maps: [hidden email]: not found
Sep 22 15:15:32 orion postfix/smtpd[25753]: match_string: ballano.net
~? orion.ballano.net
Sep 22 15:15:32 orion postfix/smtpd[25753]: match_string: ballano.net
~? localhost.ballano.net
Sep 22 15:15:32 orion postfix/smtpd[25753]: match_string: ballano.net
~? localhost
Sep 22 15:15:32 orion postfix/smtpd[25753]: match_list_match:
ballano.net: no match
Sep 22 15:15:32 orion postfix/smtpd[25753]: maps_find:
recipient_canonical_maps: @ballano.net: not found
Sep 22 15:15:32 orion postfix/smtpd[25753]: mail_addr_find:
[hidden email] -> (not found)
Sep 22 15:15:32 orion postfix/smtpd[25753]: maps_find: canonical_maps:
[hidden email]: not found
Sep 22 15:15:32 orion postfix/smtpd[25753]: match_string: ballano.net
~? orion.ballano.net
Sep 22 15:15:32 orion postfix/smtpd[25753]: match_string: ballano.net
~? localhost.ballano.net
Sep 22 15:15:32 orion postfix/smtpd[25753]: match_string: ballano.net
~? localhost
Sep 22 15:15:32 orion postfix/smtpd[25753]: match_list_match:
ballano.net: no match
Sep 22 15:15:32 orion postfix/smtpd[25753]: maps_find: canonical_maps:
@ballano.net: not found
Sep 22 15:15:32 orion postfix/smtpd[25753]: mail_addr_find:
[hidden email] -> (not found)
Sep 22 15:15:32 orion postfix/smtpd[25753]: maps_find:
virtual_alias_maps: hash:/etc/postfix/virtual(0,lock|fold_fix):
[hidden email] = david
Sep 22 15:15:32 orion postfix/smtpd[25753]: mail_addr_find:
[hidden email] -> david
Sep 22 15:15:32 orion postfix/smtpd[25753]: smtpd_check_rewrite:
trying: permit_inet_interfaces
Sep 22 15:15:32 orion postfix/smtpd[25753]: permit_inet_interfaces:
unknown 84.78.228.193
Sep 22 15:15:32 orion postfix/smtpd[25753]: before
input_transp_cleanup: cleanup flags = enable_header_body_filter
enable_automatic_bcc enable_address_mappin
g enable_milters
Sep 22 15:15:32 orion postfix/smtpd[25753]: after
input_transp_cleanup: cleanup flags = enable_header_body_filter
enable_automatic_bcc enable_address_mapping
Sep 22 15:15:32 orion postfix/smtpd[25753]: connect to subsystem public/cleanup
Sep 22 15:15:32 orion postfix/smtpd[25753]: public/cleanup socket:
wanted attribute: queue_id
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute name: queue_id
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute value: 3076127B8089
Sep 22 15:15:32 orion postfix/smtpd[25753]: public/cleanup socket:
wanted attribute: (list terminator)
Sep 22 15:15:32 orion postfix/smtpd[25753]: input attribute name: (end)
Sep 22 15:15:32 orion postfix/smtpd[25753]: send attr flags = 50
Sep 22 15:15:32 orion postfix/smtpd[25753]: 3076127B8089:
client=unknown[84.78.228.193], sasl_method=NTLM,
sasl_username=[hidden email]
Sep 22 15:15:32 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250 2.1.5 Ok
Sep 22 15:15:32 orion postfix/smtpd[25753]: < unknown[84.78.228.193]: DATA
Sep 22 15:15:32 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
354 End data with <CR><LF>.<CR><LF>
Sep 22 15:15:33 orion postfix/smtpd[25753]: public/cleanup socket:
wanted attribute: status
Sep 22 15:15:33 orion postfix/cleanup[25763]: 3076127B8089:
message-id=<000601c91cdd$ba1e0710$0201a8c0@ebd0f82afec14bc>
Sep 22 15:15:33 orion postfix/smtpd[25753]: input attribute name: status
Sep 22 15:15:33 orion postfix/smtpd[25753]: input attribute value: 0
Sep 22 15:15:33 orion postfix/smtpd[25753]: public/cleanup socket:
wanted attribute: reason
Sep 22 15:15:33 orion postfix/smtpd[25753]: input attribute name: reason
Sep 22 15:15:33 orion postfix/smtpd[25753]: input attribute value: (end)
Sep 22 15:15:33 orion postfix/smtpd[25753]: public/cleanup socket:
wanted attribute: (list terminator)
Sep 22 15:15:33 orion postfix/smtpd[25753]: input attribute name: (end)
Sep 22 15:15:33 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
250 2.0.0 Ok: queued as 3076127B8089
Sep 22 15:15:33 orion postfix/qmgr[24304]: 3076127B8089:
from=<[hidden email]>, size=1475, nrcpt=1 (queue active)
Sep 22 15:15:33 orion postfix/local[25765]: 3076127B8089:
to=<[hidden email]>, orig_to=<[hidden email]>,
relay=local, delay=1.2, delays=1.1/0.01/
0/0.02, dsn=2.0.0, status=sent (delivered to mailbox)
Sep 22 15:15:33 orion postfix/qmgr[24304]: 3076127B8089: removed
Sep 22 15:15:33 orion postfix/smtpd[25753]: < unknown[84.78.228.193]: QUIT
Sep 22 15:15:33 orion postfix/smtpd[25753]: > unknown[84.78.228.193]:
221 2.0.0 Bye
Sep 22 15:15:33 orion postfix/smtpd[25753]: match_hostname: unknown ~?
127.0.0.0/8
Sep 22 15:15:33 orion postfix/smtpd[25753]: match_hostaddr:
84.78.228.193 ~? 127.0.0.0/8
Sep 22 15:15:33 orion postfix/smtpd[25753]: match_list_match: unknown: no match
Sep 22 15:15:33 orion postfix/smtpd[25753]: match_list_match:
84.78.228.193: no match
Sep 22 15:15:33 orion postfix/smtpd[25753]: send attr request = disconnect
Sep 22 15:15:33 orion postfix/smtpd[25753]: send attr ident = smtp:84.78.228.193
Sep 22 15:15:33 orion postfix/smtpd[25753]: private/anvil: wanted
attribute: status
Sep 22 15:15:33 orion postfix/smtpd[25753]: input attribute name: status
Sep 22 15:15:33 orion postfix/smtpd[25753]: input attribute value: 0
Sep 22 15:15:33 orion postfix/smtpd[25753]: private/anvil: wanted
attribute: (list terminator)
Sep 22 15:15:33 orion postfix/smtpd[25753]: input attribute name: (end)
Sep 22 15:15:33 orion postfix/smtpd[25753]: disconnect from
unknown[84.78.228.193]
Sep 22 15:15:33 orion postfix/smtpd[25753]: master_notify: status 1
Sep 22 15:15:33 orion postfix/smtpd[25753]: connection closed
Sep 22 15:17:08 orion postfix/smtpd[25753]: proxymap stream disconnect
Sep 22 15:17:09 orion postfix/smtpd[25753]: auto_clnt_close:
disconnect private/tlsmgr stream
Sep 22 15:17:12 orion postfix/smtpd[25753]: rewrite stream disconnect
Sep 22 15:17:13 orion postfix/smtpd[25753]: idle timeout -- exiting
Sep 22 15:18:53 orion postfix/anvil[25756]: statistics: max connection
rate 1/60s for (smtp:84.78.228.193) at Sep 22 15:15:28
Sep 22 15:18:53 orion postfix/anvil[25756]: statistics: max connection
count 1 for (smtp:84.78.228.193) at Sep 22 15:15:28
Sep 22 15:18:53 orion postfix/anvil[25756]: statistics: max cache size
1 at Sep 22 15:15:28
Reply | Threaded
Open this post in threaded view
|

Re: some questions about my postfix config

Noel Jones-2
David Ballano wrote:
>
> I added -v to the smtpd, it's just incredible...

Incredible how?  I don't see anything terribly unusual here.

BTW, I don't use AUTH NTLM so I'm not sure what the "normal"
logging for an AUTH NTLM session looks like; it's quite
possible what you are seeing is normal and expected.

If you don't want to offer NTLM, you can disable it in your
cyrus setup.
http://www.postfix.org/SASL_README.html#server_cyrus


--
Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: some questions about my postfix config

mouss-2
In reply to this post by David Ballano
David Ballano wrote:
> [snip]
> Sep 22 15:15:32 orion postfix/smtpd[25753]: maps_find:
> virtual_alias_maps: hash:/etc/postfix/virtual(0,lock|fold_fix):
> [hidden email] = david
> Sep 22 15:15:32 orion postfix/smtpd[25753]: mail_addr_find:
> [hidden email] -> david


so you have a virtual alias in /etc/postfix/virtual. and then you have
myorigin=$myhostname (default) so "david" becomes
"[hidden email]".

To avoid surprises, only use fqdn addresses in virtual_alias_maps.


> [snip]

Reply | Threaded
Open this post in threaded view
|

Re: some questions about my postfix config

David Ballano
> David Ballano wrote:
>>
>> [snip]
>> Sep 22 15:15:32 orion postfix/smtpd[25753]: maps_find:
>> virtual_alias_maps: hash:/etc/postfix/virtual(0,lock|fold_fix):
>> [hidden email] = david
>> Sep 22 15:15:32 orion postfix/smtpd[25753]: mail_addr_find:
>> [hidden email] -> david
>
>
> so you have a virtual alias in /etc/postfix/virtual. and then you have
> myorigin=$myhostname (default) so "david" becomes "[hidden email]".
>

yes, I have virtual alias because maybe some day my server owns more
domains, for now "ballano.net"
, reading the docs I saw this is the way, isn't it?

but I don't know what to put in my origin, because what happens if
there are more hosted domains?


> To avoid surprises, only use fqdn addresses in virtual_alias_maps.

about fqdn orion.ballano.net is fqdn, right? but  I don't want my
mails being like [hidden email], is that what you mean?

thanks
>
>
>> [snip]
>
>
Reply | Threaded
Open this post in threaded view
|

Re: some questions about my postfix config

mouss-2
David Ballano wrote:

>> David Ballano wrote:
>>> [snip]
>>> Sep 22 15:15:32 orion postfix/smtpd[25753]: maps_find:
>>> virtual_alias_maps: hash:/etc/postfix/virtual(0,lock|fold_fix):
>>> [hidden email] = david
>>> Sep 22 15:15:32 orion postfix/smtpd[25753]: mail_addr_find:
>>> [hidden email] -> david
>>
>> so you have a virtual alias in /etc/postfix/virtual. and then you have
>> myorigin=$myhostname (default) so "david" becomes "[hidden email]".
>>
>
> yes, I have virtual alias because maybe some day my server owns more
> domains, for now "ballano.net"

I don't understand this.

> , reading the docs I saw this is the way, isn't it?

show the line in your virtual.

>
> but I don't know what to put in my origin, because what happens if
> there are more hosted domains?
>
>
>> To avoid surprises, only use fqdn addresses in virtual_alias_maps.
>
> about fqdn orion.ballano.net is fqdn, right? but  I don't want my
> mails being like [hidden email], is that what you mean?
>



if you have

[hidden email] david

then "david" is not fqdn.
Reply | Threaded
Open this post in threaded view
|

Re: some questions about my postfix config

David Ballano
2008/9/23 mouss <[hidden email]>:

> David Ballano wrote:
>>>
>>> David Ballano wrote:
>>>>
>>>> [snip]
>>>> Sep 22 15:15:32 orion postfix/smtpd[25753]: maps_find:
>>>> virtual_alias_maps: hash:/etc/postfix/virtual(0,lock|fold_fix):
>>>> [hidden email] = david
>>>> Sep 22 15:15:32 orion postfix/smtpd[25753]: mail_addr_find:
>>>> [hidden email] -> david
>>>
>>> so you have a virtual alias in /etc/postfix/virtual. and then you have
>>> myorigin=$myhostname (default) so "david" becomes
>>> "[hidden email]".
>>>
>>
>> yes, I have virtual alias because maybe some day my server owns more
>> domains, for now "ballano.net"
>
> I don't understand this.

what I mean is that maybe I use my postfix for more domains,
ballano.net another.net etc..
>
>> , reading the docs I saw this is the way, isn't it?
>
> show the line in your virtual.

orion:/var/log# cat /etc/postfix/virtual
[hidden email] david


>
>>
>> but I don't know what to put in my origin, because what happens if
>> there are more hosted domains?
>>
>>
>>> To avoid surprises, only use fqdn addresses in virtual_alias_maps.
>>
>> about fqdn orion.ballano.net is fqdn, right? but  I don't want my
>> mails being like [hidden email], is that what you mean?
>>
>
>
>
> if you have
>
> [hidden email]      david
>
> then "david" is not fqdn.
>
Reply | Threaded
Open this post in threaded view
|

Re: some questions about my postfix config

mouss-2
David Ballano wrote:
>>> yes, I have virtual alias because maybe some day my server owns more
>>> domains, for now "ballano.net"
>> I don't understand this.
>
> what I mean is that maybe I use my postfix for more domains,
> ballano.net another.net etc..

but what does this have to do with a virtual alias?

>>> , reading the docs I saw this is the way, isn't it?
>> show the line in your virtual.
>
> orion:/var/log# cat /etc/postfix/virtual
> [hidden email] david
>

this redirects <[hidden email]> to <david@$myorigin>, so if you
change myorigin for some reason, the resulting address changes, which
may come as a surprise and may be hard to troubleshoot.

for example, if you decide to set myorigin=$mydomain, then the address
will be rejected as "unknown" (because the mapping becomes:
[hidden email] -> [hidden email], but ballano.not is a virtual
alias domain, so its addresses must map to another domain).

anyway, this changes nothing for your future domains. you will need a
virtual alias for each domain.

[hidden email] [hidden email]
[hidden email] [hidden email]
...

(you can use a script to generate them).
Reply | Threaded
Open this post in threaded view
|

Re: some questions about my postfix config

David Ballano
2008/9/23 mouss <[hidden email]>:

> David Ballano wrote:
>>>>
>>>> yes, I have virtual alias because maybe some day my server owns more
>>>> domains, for now "ballano.net"
>>>
>>> I don't understand this.
>>
>> what I mean is that maybe I use my postfix for more domains,
>> ballano.net another.net etc..
>
> but what does this have to do with a virtual alias?
>
>>>> , reading the docs I saw this is the way, isn't it?
>>>
>>> show the line in your virtual.
>>
>> orion:/var/log# cat /etc/postfix/virtual
>> [hidden email] david
>>
>
> this redirects <[hidden email]> to <david@$myorigin>, so if you change
> myorigin for some reason, the resulting address changes, which may come as a
> surprise and may be hard to troubleshoot.
>
> for example, if you decide to set myorigin=$mydomain, then the address will
> be rejected as "unknown" (because the mapping becomes: [hidden email] ->
> [hidden email], but ballano.not is a virtual alias domain, so its
> addresses must map to another domain).
>
> anyway, this changes nothing for your future domains. you will need a
> virtual alias for each domain.
>
> [hidden email]       [hidden email]
> [hidden email]       [hidden email]
> ...

whow  I don't understant too much,

I want that  all the mail that arrive to [hidden email] goes to
david unix account.  that is what I think  /etc/postfix/virtual does,
and is what I read in the docs


this means unix account ? > [hidden email]

so I'm confused now sorry... what I have tu put in myorigin?,
ballano.net  and change the virtual file, isnt it?


>
> (you can use a script to generate them).
>
Reply | Threaded
Open this post in threaded view
|

Re: some questions about my postfix config

mouss-2
David Ballano wrote:
> whow  I don't understant too much,
>
> I want that  all the mail that arrive to [hidden email] goes to
> david unix account.  that is what I think  /etc/postfix/virtual does,
> and is what I read in the docs
>

virtual can redirect mail to wherever you want. to redirect to a unix
account, simply use a domain that is listed in mydestination. so in your
case you can use [hidden email] or [hidden email].

what you are now using works, because "david" is converted to
"[hidden email]" thanks to append_at_myorigin.


>
> this means unix account ? > [hidden email]
>
> so I'm confused now sorry... what I have tu put in myorigin?,
> ballano.net  and change the virtual file, isnt it?

no, you need to do nothing. I was simply warning you that is safer to
use an fqdn address inside virtual. "david" is not an fqdn address (more
precisely, it has no domain part).


Reply | Threaded
Open this post in threaded view
|

Re: some questions about my postfix config

David Ballano
2008/9/23 mouss <[hidden email]>:

> David Ballano wrote:
>>
>> whow  I don't understant too much,
>>
>> I want that  all the mail that arrive to [hidden email] goes to
>> david unix account.  that is what I think  /etc/postfix/virtual does,
>> and is what I read in the docs
>>
>
> virtual can redirect mail to wherever you want. to redirect to a unix
> account, simply use a domain that is listed in mydestination. so in your
> case you can use [hidden email] or [hidden email].
>
> what you are now using works, because "david" is converted to
> "[hidden email]" thanks to append_at_myorigin.
>
>
>>
>> this means unix account ? > [hidden email]
>>
>> so I'm confused now sorry... what I have tu put in myorigin?,
>> ballano.net  and change the virtual file, isnt it?
>
> no, you need to do nothing. I was simply warning you that is safer to use an
> fqdn address inside virtual. "david" is not an fqdn address (more precisely,
> it has no domain part).
>
>
>
ok , now I understand , thanks!!!!!!!!!!!!!
:)
david.